Federal Chief Information Security Officer (Ciso)

Who We Are:

Exiger transforms supply chains into a strategic advantage-advancing our mission to make the world a safer and more transparent place to succeed. Our AI platform, 1Exiger, delivers instant visibility into complex supplier ecosystems, leveraging proprietary data and advanced AI to surface risk, automate compliance, and unlock efficiencies and cost savings to strengthen long-term resilience. Trusted by 550+ global customers-including Fortune 500 companies and U.S. government agencies-Exiger is a recognized, award-winning leader in supply chain AI and a FedRAMP authorized provider to the federal government.

Federal Chief Information Security Officer (CISO)

Location: McLean, VA of Richmond, VA

Work Environment: Hybrid 

Role summary

Exiger is seeking a mission-driven Federal Chief Information Security Officer (CISO) to lead the security, accreditation, and regulatory strategy supporting our U.S. Public Sector business. This role will serve as the executive authority for federal security compliance, government authorizations, and secure cloud architecture enablement across civilian and defense customers.

This is a strategic leadership role responsible for strengthening Exiger's credibility and scalability within the federal marketplace while ensuring operational excellence across all government compliance programs.

What You'll Do: 

• Serve as the executive owner of Exiger's federal information security and authorization strategy across civilian and defense environments.
• Lead all aspects of federal accreditation programs, including FedRAMP High, DoD CC SRG IL5 and IL6, and agency-specific Authority to Operate initiatives.
• Establish and mature a scalable compliance operating model that supports continuous monitoring, audit readiness, and regulatory reporting.
• Build customer-ready assurance packages that support federal procurement and oversight that helps agencies assess capability, limitations, vendor lock-in risk, and ongoing monitoring needs for AI systems.
• Act as the primary interface with federal security stakeholders, including Authorizing Officials, agency security teams, third-party assessment organizations, and oversight bodies.
• Translate evolving federal cybersecurity mandates such as NIST frameworks, FISMA, and CMMC into actionable technical and operational requirements.
• Partner cross-functionally with Engineering, Cloud Infrastructure, Product, Legal, and Public Sector Sales to ensure security controls are embedded into architecture and delivery models.
• Design automation strategies that streamline compliance evidence collection, reporting, and risk management processes.
• Provide executive-level guidance to support federal sales pursuits, including security briefings and customer assurance discussions.
• Build and lead a high-performing federal security and compliance function aligned to business growth objectives.

What You Need:

• 10+ years of progressive leadership experience in federal cybersecurity, information assurance, or cloud compliance.
• Experience leading security for federal programs, regulated cloud or SaaS platforms, or technology delivery environments that must satisfy FAR, NIST, RMF, and customer audit requirements
• Demonstrated ownership of FedRAMP and DoD IL5 or IL6 authorization processes within a SaaS or cloud-based technology company.
• Deep expertise in federal security standards and controls, including NIST 800-53, NIST 800-171, FISMA, CMMC, and Authority to Operate lifecycle management.
• Experience operating within AWS GovCloud and/or Azure Government environments.
• Demonstrated ability to work with engineering, data science, product, privacy, legal contracts, capture, and delivery teams to insert security gates into the AI development lifecycle rather than treating AI risk as a post-build review.
• Proven success leading audit engagements and managing continuous monitoring programs.
• Strong understanding of cloud-native security architecture, identity and access management, encryption standards, vulnerability management, and security monitoring platforms.
• Executive presence with the ability to communicate effectively with both technical and non-technical stakeholders.
• Experience building or scaling compliance teams in growth-oriented organizations.
• Ability to obtain and maintain a U.S. security clearance.

Why You'll Love Working at Exiger:

At Exiger, we empower our teams to solve complex global challenges in partnership with some of the world's most critical institutions. We offer:

• High-performance culture rooted in accountability, collaboration, and a shared commitment to excellence
• Competitive base salary and performance-based incentives
• Equity participation opportunities
• Comprehensive medical, dental, and vision coverage
• 401(k) with company match
• Generous paid time off and company holidays
• Parental leave and family support programs
• Hybrid work environment fostering collaboration and flexibility

We operate with urgency, accountability, and a commitment to excellence while building a culture grounded in integrity, transparency, and shared mission.

#Li-Hybrid

Exiger is named a Leader in the Gartner Magic Quadrant for Supplier Risk Management, twice selected as one of Fast Company's 'Brands That Matter,' and recipient of the Third Party Risk Association's Innovator Award, Exiger's technology has been recognized by leading analyst evaluations and 50+ awards. Learn more at Exiger.com and follow Exiger on LinkedIn.

At Exiger, our values define how we work and why we lead. We are mission-inspired, imagination-driven, trust-anchored, and compassion-focused-committed to building technology that makes the world safer, more transparent, and more resilient.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Exiger's hybrid work policy is periodically reviewed and adjusted to align with evolving business needs.