Apply Now

Please mention DailyRemote when applying

AI Summary

Develop and lead the enterprise cybersecurity, information risk management, and compliance strategy across a multi-site manufacturing organization. Protect intellectual property, OT/ICS environments, and cloud infrastructure while overseeing security operations and AI governance.

Company Description

Mission Critical Group (MCG) is an end-to-end power solutions and services provider that accelerates time-to-power and delivers scalable, resilient infrastructure for mission critical environments. By integrating engineering, manufacturing, modular deployment, and lifecycle services under one platform, we streamline execution and bring complex projects online faster - without compromising performance. With more than 1.5 million square feet of U.S. manufacturing capacity, MCG supports data centers, power generation, healthcare, oil & gas, pharmaceuticals, semiconductors, and industrial facilities where uptime is non-negotiable.  

Job Description

The Chief Information Security Officer (CISO) is responsible for developing, implementing, and leading the enterprise cybersecurity, information risk management, and compliance strategy across a multi-site manufacturing organization.  CISO partners with business leaders, engineering, operations, legal, HR, and executive leadership to protect intellectual property, manufacturing systems, operational technology (OT), industrial control systems (ICS), cloud infrastructure, and enterprise applications while enabling business growth and digital transformation.

CISO provides strategic leadership over cybersecurity governance, regulatory compliance, cyber risk, incident response, disaster recovery, identity management, and secure adoption of emerging technologies including AI and cloud platforms.

The ideal candidate has extensive experience securing both Information Technology (IT) and Operational Technology (OT) environments within manufacturing.

Key Responsibilities

Executive Leadership

  • Develop and execute the enterprise cybersecurity strategy aligned with business objectives.
  • Present cybersecurity risks, metrics, investment strategies, and emerging threats to executive leadership.
  • Build a security-first culture throughout the organization.
  • Develop long-term cybersecurity roadmaps supporting mergers, acquisitions, and business growth.

Cybersecurity Governance

Lead the enterprise security program including:

  • Information Security Governance
  • Cyber Risk Management
  • Security Policies and Standards
  • Enterprise Security Architecture
  • Third-Party Risk Management
  • Data Governance
  • AI Governance
  • Security Awareness Program
  • Enterprise Vulnerability Management

Develop security scorecards and executive dashboards to measure organizational risk.

Manufacturing & Operational Technology (OT) Security

Lead security initiatives protecting:

  • Industrial Control Systems (ICS)
  • SCADA Environments
  • PLC Networks
  • Manufacturing Execution Systems (MES)
  • Robotics
  • IoT Devices
  • Plant Networks
  • Building Automation Systems

Responsibilities include:

  • Network segmentation
  • Zero Trust architecture
  • Secure remote vendor access
  • Asset inventory
  • Patch management
  • OT vulnerability assessments
  • ICS incident response
  • Plant cyber resiliency

IT Infrastructure Security

Provide oversight for:

  • Microsoft 365
  • Azure
  • Active Directory / Entra ID
  • Identity Governance
  • Privileged Access Management (PAM)
  • Endpoint Detection & Response (EDR)
  • SIEM / SOAR
  • Email Security
  • Secure Cloud Architecture
  • Data Loss Prevention (DLP)
  • Network Security
  • VPN
  • Firewalls
  • Secure Remote Access

Compliance & Regulatory Leadership

Ensure compliance with:

  • NIST Cybersecurity Framework (CSF)
  • NIST SP 800-53
  • NIST SP 800-171
  • CMMC Level 2 (if applicable)
  • ISO 27001
  • SOC 2 Type II
  • CIS Controls
  • ITAR
  • DFARS
  • GDPR
  • CCPA
  • PCI-DSS (where applicable)
  • HIPAA (where applicable)

Lead internal and external security audits.

Risk Management

Establish enterprise processes for:

  • Cyber Risk Assessments
  • Business Impact Analysis
  • Risk Register Management
  • Vendor Security Reviews
  • Penetration Testing
  • Security Architecture Reviews
  • Application Security
  • Secure Software Development
  • M&A Security Due Diligence

Security Operations

Oversee:

  • Security Operations Center (SOC)
  • Incident Response
  • Threat Hunting
  • Threat Intelligence
  • Digital Forensics
  • Vulnerability Management
  • Patch Governance
  • Security Monitoring
  • Identity Monitoring
  • Endpoint Protection

Develop and test the Cyber Incident Response Plan.

Business Continuity & Disaster Recovery

Lead enterprise resiliency programs including:

  • Disaster Recovery
  • Business Continuity
  • Cyber Recovery
  • Ransomware Recovery
  • Crisis Management
  • Tabletop Exercises
  • Executive Incident Simulations

Data Protection

Develop enterprise data protection strategies covering:

  • Intellectual Property
  • Engineering Designs
  • CAD Files
  • ERP Data
  • Manufacturing Data
  • Customer Information
  • Financial Information
  • Supplier Information

Implement:

  • Data Classification
  • Encryption
  • Rights Management
  • Data Loss Prevention
  • Secure Collaboration

Artificial Intelligence Governance

Provide executive oversight for:

  • AI Governance Program
  • Secure AI Adoption
  • LLM Risk Management
  • AI Vendor Assessments
  • Responsible AI Policies
  • AI Data Protection
  • AI Security Controls
  • Shadow AI Prevention
  • AI Risk Assessments

Vendor & Third-Party Security

Develop a mature vendor security program including:

  • Security Assessments
  • Contract Security Requirements
  • Continuous Monitoring
  • Supply Chain Risk Management
  • Software Risk Reviews
  • Cloud Vendor Governance

Leadership Responsibilities

Lead and mentor teams responsible for:

  • Security Engineering
  • Security Operations
  • Governance, Risk & Compliance (GRC)
  • Identity & Access Management
  • OT Security
  • Cloud Security
  • Security Architecture
  • Security Awareness
  • Disaster Recovery

Manage cybersecurity budgets, staffing, strategic planning, and technology investments.

Qualifications

Required

  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field.
  • 15+ years of progressive IT and cybersecurity leadership experience.
  • 8+ years leading enterprise cybersecurity organizations.
  • Experience in securing manufacturing environments.
  • Experience securing Operational Technology (OT).
  • Experience presenting to executive leadership and Boards.
  • Experience leading enterprise incident response.
  • Experience managing cybersecurity budgets exceeding $5M.
  • Strong knowledge of Microsoft enterprise security technologies.

Certifications

Preferred certifications include:

  • CISSP
  • CISM
  • CRISC
  • CGEIT
  • CCSP
  • GIAC (GICSP, GRID, GCIA, GREM)
  • Certified Information Systems Auditor (CISA)
  • Microsoft Cybersecurity Architect Expert (SC-100)
  • Azure Security Engineer (AZ-500)
  • Certified Ethical Hacker (CEH)

Key Competencies

  • Leadership
  • Strategic planning
  • Cyber risk management
  • Board communication
  • Manufacturing cybersecurity
  • OT/ICS security
  • Crisis leadership
  • Regulatory compliance
  • Enterprise architecture
  • Cloud security
  • AI governance
  • Vendor negotiations
  • Team development
  • Financial management
  • Change leadership

Key Performance Indicators (KPIs)

  • Mean Time to Detect (MTTD)
  • Mean Time to Respond (MTTR)
  • Enterprise cyber risk score
  • Critical vulnerability remediation SLA
  • Phishing susceptibility rate
  • Multi-factor authentication adoption
  • Security awareness completion
  • Third-party risk assessment completion
  • Audit findings closed on time
  • Compliance score (NIST/ISO/CMMC)
  • OT security maturity score
  • Incident reduction year over year
  • Disaster recovery testing success rate
  • Ransomware recovery readiness
  • Security budget performance

Additional Information

A Note to our Recruitment Partners: We really appreciate the interest, but MCG currently manages hiring through our internal team. We love getting to know our candidates directly! Because of this, we don’t accept unsolicited resumes from agencies at this time. If we ever need an extra hand, we’ll be sure to reach out to the community. Thanks for understanding!

 

MCG is an equal opportunity employer prohibiting discrimination based on race, color, creed, religion, sex, marital status, physical or mental disability, and any other protected classes stated by applicable federal and state laws. MCG is committed to providing equal employment opportunities to qualified individuals with disabilities and to act in accordance with regulations and guidance issued by the Equal Employment Opportunity Commission (EEOC).

  • Department: Information Technology
  • Job Site: Any MCG Location
  • FLSA Status: Exempt
  • Similar Jobs

    See all Remote Software Development jobs →

    Personalize your Remote Job Search in 3 Easy Steps!

    Discover remote opportunities in Software Development

    Answer easy questions

    Answer easy questions

    200,000+ jobs across 15+ categories

    Get your best job matches

    Get your best job matches

    Only hand-screened, legit jobs

    Find a remote job faster

    Find a remote job faster

    No ads, scams, or junk

    I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

    Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified