Job Title: Director of Cybersecurity
Job Description
The Director of Cybersecurity leads enterprise-wide cybersecurity and compliance efforts across multiple sites, with a primary focus on achieving and sustaining NIST SP 800-171 and CMMC Level 2 readiness for Department of Defense (DoD) contracts. This role owns the assessment, documentation, and remediation of security controls, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), audit responses, and the implementation of core technical safeguards. The Director provides oversight to local IT leadership across subsidiaries while directly supporting high-priority entities facing near-term audits and mock assessments. The successful candidate rapidly elevates the organization's cybersecurity posture, reduces risk, and ensures audit-ready compliance ahead of government assessments in a growing, contract-secure, and innovation-focused environment.
Responsibilities
Lead the organization's overall cybersecurity and compliance program across multiple sites, with primary responsibility for NIST SP 800-171 and CMMC Level 2 readiness tied to DoD contracts.
Own and maintain the company's security and compliance posture, including mapping, implementing, documenting, and sustaining all 110 controls associated with applicable DoD FAR flowdowns.
Develop, manage, and continuously update System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms) to reflect current control implementation status, remediation activities, and risk mitigation strategies.
Serve as the primary point of contact for external auditors, assessors, and third-party reviewers, coordinating responses, evidence collection, and audit communications.
Plan, coordinate, and support formal audits and mock assessments, ensuring all required documentation, technical safeguards, and processes are in place and audit-ready.
Assess the current cybersecurity health of the organization across subsidiaries, identify gaps and risks, and prioritize remediation activities to address vulnerabilities and non-compliant controls.
Lead remediation initiatives by working closely with local IT leadership and technical teams to implement required changes, track progress, and verify the effectiveness of corrective actions.
Design, guide, and oversee the implementation of security architecture and technical controls, including multi-factor authentication (MFA), FIPS-validated encryption, vulnerability management, audit logging, and boundary protection in a multi-site environment.
Provide oversight and direction to local IT teams through dotted-line relationships, ensuring consistent application of security policies, standards, and procedures across all operating companies.
Standardize cybersecurity and IT controls in a small to mid-sized, federated environment by addressing inconsistent practices, reducing risks introduced by informal "IT champions," and implementing repeatable, sustainable processes.
Collaborate with stakeholders supporting regulated environments and DoD-related operations to ensure that cybersecurity requirements are fully integrated into business processes, ERP systems, and technology roadmaps.
Monitor changes in relevant cybersecurity frameworks, regulations, and DoD requirements, and adjust internal policies, controls, and documentation accordingly.
Promote a culture of security and compliance by communicating expectations, providing guidance, and influencing change across the organization without creating unnecessary bureaucracy.
Support the secure adoption and use of cloud services, particularly Microsoft Azure and FedRAMP-aligned environments that handle Controlled Unclassified Information (CUI).
Essential Skills
Deep expertise with NIST SP 800-171 and CMMC Level 2, including the ability to map, implement, document, and sustain all 110 controls associated with DoD FAR flowdowns.
Proven experience in cybersecurity governance and audit readiness, including hands-on management of SSPs, POA&Ms, and acting as the primary point of contact for external auditors and assessors.
Practical experience designing and implementing security architecture and technical controls such as multi-factor authentication (MFA), FIPS-validated encryption, vulnerability management, audit logging, and boundary protection in multi-site environments.
Demonstrated ability to assess organizational cybersecurity posture, identify gaps and risks, and lead remediation efforts ahead of formal audits.
Experience working in regulated environments, particularly those involving DoD contracts and sensitive or controlled data.
Strong familiarity with Microsoft Azure and FedRAMP-aligned cloud environments that support Controlled Unclassified Information (CUI).
Experience overseeing local IT teams through dotted-line or federated leadership structures across multiple operating companies.
Ability to drive change management in small or mid-sized organizations by addressing inconsistent IT practices and standardizing controls.
Solid understanding of ERP systems in the context of regulated and DoD-focused environments.
Additional Skills & Qualifications
Experience with equivalent or complementary cybersecurity and compliance frameworks such as CIS Critical Security Controls, SOC 2 Type II, HITRUST CSF, or PCI-DSS, particularly in environments handling regulated or sensitive data.
Experience working with or supporting DoD-related operations and contract requirements.
Experience operating in a multi-site, federated IT environment with complex stakeholder relationships.
Proven ability to reduce risk introduced by informal or ad hoc IT practices while maintaining agility and minimizing unnecessary bureaucracy.
Strong communication and collaboration skills to influence stakeholders and promote a culture of security and compliance.
Comfort working in fast-growing organizations with evolving processes, systems, and product lines.
Interest in or familiarity with defense-related, tactical, or training products and their associated cybersecurity considerations.
Job Type & Location
This is a Permanent position based out of Janesville, WI.
Pay and Benefits
The pay range for this position is $150000.00 - $180000.00/yr.
The company provides full-time benefits; details will be shared upon desire to pursue the role.
Workplace Type
This is a fully onsite position in Janesville, WI.
Application Deadline
This position is anticipated to close on May 8, 2026.
Diversity, Equity & Inclusion
At Actalent, diversity and inclusion are a bridge towards the equity and success of our people. DE&I is embedded into our culture through:
Hiring diverse talent
Maintaining an inclusive environment through persistent self-reflection
Building a culture of care, engagement, and recognition with clear outcomes
Ensuring growth opportunities for our people
Actalent is an equal opportunity employer.
About Actalent
Actalent is a global leader in engineering and sciences services. For more than 40 years, we've helped visionary companies advance their goals. Headquartered in the United States, our teams span 150 offices across North America, EMEA, and APAC, with four delivery centers in India led by 1,000+ extraordinary employees who connect their passion with purpose every day.
Our Bangalore, Hyderabad, Pune, and Chennai delivery centers are hubs of engineering expertise, with core capabilities in mechanical and electrical engineering, systems and software, and manufacturing engineering. Our teams deliver work across multiple industries including transportation, consumer and industrial products, and life sciences. We serve more than 4,500 clients, including many Fortune 500 brands. Learn more about how we can work together at actalentservices.com.