Chief Information Security Officer (CISO)

About 1Kosmos 

1Kosmos is a growing startup revolutionizing identity and authentication solutions. We're seeking a hands-on security leader who thrives in a technical, fast-paced environment and is ready to build and scale our security operations from the ground up. 

About the Role 

We're looking for a hands-on security leader to serve as CISO.  The candidate must be a highly technical, operationally focused security leader who can roll up their sleeves and directly implement security solutions while building our security posture. This role is ideal for a senior security operations professional ready to transition into strategic leadership while maintaining a deep technical involvement. 

Key Responsibilities 

Security Operations Leadership (Primary Focus) 

• Design, implement, and manage a comprehensive security operations infrastructure 

• Personally configure and deploy security tools, including endpoint protection, SIEM, and cloud security solutions 

• Build and optimize security monitoring, incident response, and threat detection capabilities 

• Drive automation initiatives to eliminate manual inefficiencies in security processes 

Compliance and Risk Management 

• Lead compliance initiatives including FedRAMP, SOC 2, and other regulatory frameworks 

• Partner with business analysts to navigate regulatory requirements and audits 

• Develop and maintain security policies, procedures, and documentation 

• Manage security risk assessments and remediation programs 

Technical Security Architecture 

• Secure cloud infrastructure across AWS, Google Cloud, and other platforms 

• Integrate security into CI/CD pipelines, working closely with DevOps teams 

• Implement and manage security tools (CrowdStrike, etc.) across the organization 

• Conduct hands-on security reviews of architecture and code 

Cross-functional Collaboration 

• Partner directly with development and engineering teams on secure software development 

• Oversee internal IT security (smaller component of role) 

• Communicate security initiatives and status to leadership and stakeholders 

• Coordinate with global teams to ensure consistent security practices

Required Qualifications 

Technical Expertise 

• Minimum 7+ years in security operations with demonstrated hands-on experience 

• Deep expertise in cloud security (AWS, Google Cloud, Azure) 

• Proven ability to personally deploy and configure enterprise security tools 

• Strong understanding of modern DevOps practices and CI/CD security integration 

• Experience with security automation and orchestration 

Compliance and Governance 

• Hands-on experience with FedRAMP certification processes 

• Track record of achieving and maintaining SOC 2, ISO 27001, or similar certifications 

• Understanding of regulatory compliance requirements and audit processes 

Leadership and Communication 

• Experience leading security initiatives in fast-growing organizations 

• Strong communication skills for collaborating with global, distributed teams 

• Ability to translate technical security concepts for various stakeholders 

• Comfortable working in a startup environment with evolving requirements 

Preferred Qualifications 

• Currently in a similar-sized company CISO role, or a Deputy CISO, Director of Security Operations, or similar "CISO minus one" role at a larger organization 

• Experience in identity management or authentication technologies 

• Background in both security operations and security engineering 

• Previous startup or scale-up experience 

• Located in or willing to work EST hours (strong preference for NY/NJ area) 

• Public-facing CISO experience (client communications) is a plus but not required 

What We're NOT Looking For 

• Pure policy/governance executives without hands-on technical skills 

• Traditional "big company" CISOs focused only on strategy and presentations 

• Candidates who expect to delegate all technical work from day one 

• Security leaders who haven't maintained current technical skills 

What We Offer 

• Opportunity to build and shape security at a growing startup 

• Direct impact on product and company security posture 

• Collaborative environment with talented engineering teams 

• Competitive compensation and equity package 

• Flexible work arrangements with preference for hybrid in NY/NJ area