Vice President, Chief Information Security Officer (CISO)

Salary : Depends on Qualifications

Location : Remote

Job Type : Full-Time

Remote Employment : Remote Optional

Job Number : 00691

Department : R&D Ops

Division : General

Opening Date : 08 / 29 / 2025

About

NEOGOV is a fast-growing SaaS leader in the Public Sector with a mission to serve the people who serve the people. Our clients use our software to manage their employee lifecycle from hire to retire by streamlining processes in our centralized platform. We are passionate about technology, focused on customer success, and have an entrepreneurial environment where innovation is encouraged and rewarded.

NEOGOV is one of the top 50 fastest growing private software companies in the U.S. - Sound like a company you'd like to join? We are looking for top talent to make significant contributions to our products, technology, and customers.

We are looking to hire a visionary yet hands-on Chief Information Security Officer (CISO) at the VP level , to drive security maturity, enable product innovation, and ensure trust in our platform - especially as we expand into AI, analytics, and deeper public sector compliance. Reporting to our CTO you will own our IT Security team, guided by FedRAMP standards.

What You Will do

• Lead the entire Information Security program for our award winning SaaS company.
• Lead the strategy, planning, and implementation of a secure digital ecosystem, including innovations like AI and ML, that connect all components of the organization, enabling scalable products and trusted customer experiences.
• Act as a strategic partner to product, engineering, and data teams to embed security into the software development lifecycle and ensure our SaaS products are secure-by-design.
• Provide guidance on the secure and responsible adoption of AI / ML capabilities, including data privacy, model governance, and infrastructure controls that enable innovation with confidence.
• Lead the ongoing maturity and evolution of NEOGOV's FedRAMP Moderate program in close partnership with compliance, engineering, and external assessors.
• Champion security as a key product differentiator for NEOGOV, ensuring public sector customers view our platform as trusted, resilient, and aligned to their compliance needs
• Maintain and continuously improve security policies, standards, and procedures to align with evolving business needs, compliance requirements (e.g., SOC 2, NIST 800-53, FedRAMP), and product innovation initiatives..
• Manage the business continuity, incident response, and disaster recovery programs. Conduct regular exercises and report results to senior management, auditors, and regulators.
• Conduct regular information security risk assessments to provide security posture and areas for improvement.
• Collect and report information security metrics to senior management.
• Partner and manage various Security and IT vendors; third party risk management, new services, contracts, and renewals.
• Collaborate cross-functionally with DevOps, R&D, Compliance, HR, and Legal to embed security practices into cloud infrastructure, development workflows, and organizational operations, ensuring alignment across audits, product delivery, and regulatory requirements.

Who You Are

What You Have

What NEOGOV Offers

NEOGOV does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factors.

#LI_REMOTE

01

Will you now, or in the future, require sponsorship for employment visa status (e.g. H-1B visa status)?

02

In addition to setting security strategy, this role will occasionally require direct execution. Are you open to balancing both strategic and hands-on responsibilities?

03

Do you have direct experience working with FedRAMP Moderate, SOC 2, and NIST 800-53 frameworks?

04

How many years of experience do you have leading security programs in SaaS and cloud-native environments (e.g., AWS, Azure, Okta, DevOps workflows)?

Required Question