Job description
Start Date: Immediate
EXPANSIA is a service-disabled veteran-owned company that empowers organizations to be mission ready now with data, people, and ecosystems. As experts in continuous-delivery methods that drive digital adoption, we are dedicated to innovation, efficiency, and technology that benefit the warfighter. EXPANSIA specializes in integration, automation, and sustainment modernization through technology-enabled delivery models, digital engineering, and cloud-ready solutions.
OVERVIEW
Full-time/Permanent Employee
Location: Remote, United States
A Director of IT and Cyber oversees a multifaceted team responsible for providing technical support to computer system and network users while also contributing to the management and execution of cybersecurity operations, both internally and customer facing. This role involves managing a team of internal and contract support personnel, implementing policies and procedures for CMMC 2.0 and ISO 27001:2022 compliance, evaluating new information systems and cybersecurity suppliers, and coordinating procurement activities. A Director of IT and Cyber must possess comprehensive knowledge and expertise in cybersecurity principles, practices, and technologies, with a strong understanding of the DOD’s cybersecurity requirements and the Risk Management Framework (DoDI 8510.01). This position is ideal for a seasoned IT leader who can bridge the gap between cybersecurity, cloud-native infrastructure, and modern software engineering practices. The ideal candidate brings both strategic leadership and deep technical expertise in architecting secure, scalable systems across cloud environments. Additionally, the Director plays a crucial role in threat intelligence collection, incident response, and cybersecurity investigations.
The proposed salary range for this position is $158,900-$188,900. There are a host of factors that can influence final salary including, but not limited to, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications. Our employees value the flexibility EXPANSIA allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our unique mix of benefits options is designed to support and protect employees and their families. Employment benefits include health and wellness programs, income protection, paid leave and retirement and savings.
RESPONSIBILITIES
- Serve as the DOD RMF SME for EXPANSIA including:
Provide guidance and oversight on the design and implementation of secure architectures for DOD projects
Provide hands-on support and project guidance for DevSecOps pipeline security, including integration of static and dynamic analysis tools (SAST/DAST), container scanning, and artifact signing
Lead the development and maintenance of Authority to Operate (ATO) packages, ensuring compliance with DOD cybersecurity standards
Oversee the preparation of documentation, such as System Security Plans (SSPs) and Risk Assessment Reports (RARs), to support ATO processes
Coordinate with government representatives and internal teams to facilitate ATO artifact creation, reviews and approvals
Evaluate and recommend cybersecurity technologies and controls to enhance system security
Collaborate with engineering teams to integrate security requirements throughout the system development lifecycle
Advise on Software Bill of Materials (SBOM) generation and software supply chain risk management practices
Develop and maintain a robust security awareness and training program for DOD project personnel
Collaborate with technical teams to identify and mitigate vulnerabilities in IT systems and networks
Assist planning and development teams by removing roadblocks, mentoring, training, and advocating for resources
Contribute to proposal efforts as required
- Serve as the Director of IT Operations including:
Lead and implement IT and cybersecurity initiatives to optimize processes, improve productivity, and ensure operational quality
Identify, assess, and mitigate portfolio and project risks to maintain integrity and success
Oversee external contractors supporting EXPANSIA networks and IT functions
Recommend and implement IT improvements with a focus on continuous optimization
Develop and maintain technical solutions and SOPs for incident response, network security, and analytic tools
Conduct regular risk assessments and security audits to drive prioritized remediation
Ensure compliance with DoD cybersecurity regulations, including NIST SP 800-171 and DFARS 252.204-7012
Monitor emerging technology trends to strengthen cybersecurity posture
Support employee professional development and career growth
Partner with HR for talent acquisition, onboarding, and offboarding
Provide day-to-day personnel and performance management for assigned staff
Build and maintain strong relationships with internal teams and external clients, including leadership
Develop staffing plans to ensure the right mix of skills and labor for contract execution
Manage assigned budgets efficiently, optimizing resource allocation and cost control
Ensure all contract requirements are executed per labor category and contract terms
Perform additional duties as needed to support organizational and project success
KEY QUALIFICATIONS
Clearance: Eligible to obtain a Top-Secret clearance (or contract required clearance level)
Travel Requirements: Willingness to travel to user locations within the US periodically
Experience and Education: Bachelor’s (or equivalent) in Computer Science, Information Technology or a related field with 12+ years of relevant experience or a Master’s with 10+ years of relevant experience. At least 4 years in a management capacity.
Minimum of 8 years’ experience in IT and cybersecurity roles, with at least 5 years of experience in the DOD contracting space
Extensive knowledge of DOD cybersecurity regulations, standards, and frameworks, including NIST, DFARS, and CMMC.
Proven experience leading ATO development processes and preparing ATO documentation for DOD contracted systems.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Governance, Risk and Compliance (CGRC) or similar certification for a senior cybersecurity manager
Agile Certifications (Scrum Master, Product Owner, Release Train Engineer, etc.)
Strong understanding of cybersecurity operations, incident response, security architecture, and risk management principles
Experience with modern software development practices, including Agile/SAFe methodologies, CI/CD, containerization (Docker, Kubernetes), and automated testing
Familiarity with DevSecOps toolchains, including tools like GitLab/GitHub, SonarQube, Nessus, and AWS Inspector
Demonstrates strong leadership, integrity, and accountability
Excellent communication, interpersonal, and oral briefing skills
Proven ability to mentor teams and set high technical standards across IT, software, and cybersecurity domains
Mission-focused and committed to supporting our nation’s warfighters
Results-driven with a passion for transformative outcomes
Courageous in decision-making and proactive in problem-solving
Dedicated to continuous learning, growth, and collaboration across all levels of the organization
Security+ Certification
PREFERRED ADDITIONAL QUALIFICATIONS
- Proficiency with at least one scripting or programming language (e.g., Python, PowerShell, JavaScript) for automation, orchestration, or tooling integration
- Hands-on experience designing or managing cloud infrastructure (AWS, Azure, or GCP), especially in GovCloud, Cloud One, or IL5/IL6-classified environments
- Relevant certifications such as CISSP, CISM, or CEH.
EXPANSIA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.