Chief Information Security Officer (CISO)

About 1Kosmos

1Kosmos is a growing startup revolutionizing identity and authentication solutions. We're seeking a hands-on security leader who thrives in a technical, fast-paced environment and is ready to build and scale our security operations from the ground up.

About the Role

We're looking for a hands-on security leader to serve as CISO. The candidate must be a highly technical, operationally focused security leader who can roll up their sleeves and directly implement security solutions while building our security posture. This role is ideal for a senior security operations professional ready to transition into strategic leadership while maintaining a deep technical involvement.

Key Responsibilities

Security Operations Leadership (Primary Focus)

• Design, implement, and manage a comprehensive security operations infrastructure

• Personally configure and deploy security tools, including endpoint protection, SIEM, and cloud security solutions

• Build and optimize security monitoring, incident response, and threat detection capabilities

• Drive automation initiatives to eliminate manual inefficiencies in security processes

Compliance and Risk Management

• Lead compliance initiatives including FedRAMP, SOC 2, and other regulatory frameworks

• Partner with business analysts to navigate regulatory requirements and audits

• Develop and maintain security policies, procedures, and documentation

• Manage security risk assessments and remediation programs

Technical Security Architecture

• Secure cloud infrastructure across AWS, Google Cloud, and other platforms

• Integrate security into CI/CD pipelines, working closely with DevOps teams

• Implement and manage security tools (CrowdStrike, etc.) across the organization

• Conduct hands-on security reviews of architecture and code

Cross-functional Collaboration

• Partner directly with development and engineering teams on secure software development

• Oversee internal IT security (smaller component of role)

• Communicate security initiatives and status to leadership and stakeholders

• Coordinate with global teams to ensure consistent security practices

Requirements:
Required Qualifications

Technical Expertise

• Minimum 7+ years in security operations with demonstrated hands-on experience

• Deep expertise in cloud security (AWS, Google Cloud, Azure)

• Proven ability to personally deploy and configure enterprise security tools

• Strong understanding of modern DevOps practices and CI/CD security integration

• Experience with security automation and orchestration

Compliance and Governance

• Hands-on experience with FedRAMP certification processes

• Track record of achieving and maintaining SOC 2, ISO 27001, or similar certifications

• Understanding of regulatory compliance requirements and audit processes

Leadership and Communication

• Experience leading security initiatives in fast-growing organizations

• Strong communication skills for collaborating with global, distributed teams

• Ability to translate technical security concepts for various stakeholders

• Comfortable working in a startup environment with evolving requirements

Preferred Qualifications

• Currently in a similar-sized company CISO role, or a Deputy CISO, Director of Security Operations, or similar "CISO minus one" role at a larger organization

• Experience in identity management or authentication technologies

• Background in both security operations and security engineering

• Previous startup or scale-up experience

• Located in or willing to work EST hours (strong preference for NY/NJ area)

• Public-facing CISO experience (client communications) is a plus but not required

What We're NOT Looking For

• Pure policy/governance executives without hands-on technical skills

• Traditional "big company" CISOs focused only on strategy and presentations

• Candidates who expect to delegate all technical work from day one

• Security leaders who haven't maintained current technical skills

Benefits:
What We Offer

• Opportunity to build and shape security at a growing startup

• Direct impact on product and company security posture

• Collaborative environment with talented engineering teams

• Competitive compensation and equity package

• Flexible work arrangements with preference for hybrid in NY/NJ area