Chief Information Security Officer (CISO)

Chief Information Security Officer (CISO) United Launch Alliance

• 3.6 Centennial, CO Job Details Full-time $172,973
• $321,235 a year 1 day ago Benefits Paid time off 401(k) matching Qualifications Contract documentation review Vendor contracts Contract management Stakeholder engagement Contract review Incident management IT system monitoring Regulatory compliance ROI Information security compliance Team development Managing budgets in a finance role Bachelor's degree Team management Mentoring Third-party risk management Recruiting IT services information & network security Vulnerability management IT Cross-functional collaboration Incident response implementation Financial acumen Cross-functional communication Identity & access management Stakeholder management IT security monitoring Full Job Description Chief Information Security Officer (CISO)

Date:

May 11, 2026

Location:

Centennial, CO, US, 80112 Cape Canaveral, FL, US, 32925 Decatur, AL, US, 35601 Vandenberg

AFB, CA, US, 93437

Arlington, VA, US, 22209

Company:

United Launch Alliance Requisition ID:

1721

Standard Weekly Hours:

40.00

Location:

ULA

• Denver, ULA
• Cape Canaveral, ULA
• Decatur, ULA
• Vandenberg

AFB, ULA

• Washington DC (CC ULS)

Relocation:

Yes

• Relocation may be available

Travel Requirements:

10% At ULA, success comes through the efforts of a strong, united team. Thanks for your interest in United Launch Alliance, the world's most experienced and reliable space launch company! Successfully launching more than 155 consecutive missions with 100% mission success doesn't happen by accident. It's a testament to the commitment and dedication of our team of rocket scientists and support employees combined with the systems and processes we use to pull them together. As a ULA employee, you'll have the opportunity to grow in your career while working in a team-oriented culture that combines technology, innovation, ingenuity and a commitment to the extraordinary. Whether you are in college just launching your career, or, have experience and want to come work with the best rocket team in the world, our unshakable unity yields stronger solutions and better results as we carry out our mission to save lives, explore the universe, and connect the world. Our team is excited to meet you! Job Overview & Responsibilities At ULA, the Chief Information Security Officer (CISO) is responsible for the overall Security of the ULA Enterprise IT Infrastructure and Application portfolio including all IT Infrastructure, Applications and Data. The CISO is responsible for maintaining compliance with all security & compliance contractual requirements including

DFARS, ISO

27000, AS9100, CMMC, as well as maintaining classified systems security, compliance, and accreditation.

Primary Responsibilities:

Leadership of the IT Cyber Security Team and Security Operations Center (SOC) including both ULA employees and service providers. Overall Security of the ULA Enterprise IT Infrastructure and Application portfolio including all IT Infrastructure, Applications and Data. Maintain compliance with all security & compliance contractual requirements including

DFARS, ISO

27000, AS9100, CMMC, as well as maintaining classified systems security, compliance, and accreditation. Review and analyze contracts for security & compliance implications and make favorable redlines, as appropriate and necessary. Use the Risk Management Framework principles to implement security and compliance controls while enabling organizational agility and execution. Ensure the Security of United Launch Alliance Data, Systems and overall IT Enterprise Architecture through the implementation and management of Leading Information Security Controls, Industry Best-Practices, Advanced Monitoring and Analysis Solutions, Advanced Threat Management Solutions, Intrusion Detection and Prevention Systems, Risk Management. Develop and execute a robust and innovative Information Security Strategy and multi-year roadmap leveraging advances in Cyber Security technologies and capabilities, state-of-the-art secure operating systems, networks, applications, and database products. Business Process Development, Documentation of IT Policies and Procedures, and Integration of the IT Security value stream across the enterprise. Ensure a high level of system and data integrity through in-depth monitoring, event analysis, immediate incident response and rapid recovery. Manage ULA Access Control, support ULA Legal and the Office of Internal Governance with investigations. Manage cyber incidents & vulnerabilities to resolution resulting from vulnerability scanning and Advanced Persistent Threat notifications. Partner with other IT teams including IT Infrastructure, IT Project Management Office, IT Vendor Management Office, IT Applications, and other business units such as Engineering and Launch to implement appropriate IT security and compliance controls while enabling successful execution of IT projects and meeting project schedules. Serve as a voting member of the IT Change Management Board and IT Architecture Board. Assess organizational impacts and develop risk mitigation strategies. Incorporate organizational change initiatives into plans to increase acceptance and improve results. Utilize approval processes to validate the investment value for IT projects. Drive Enhanced Security Initiative projects to closure. Conducts risk assessment and provides recommendations for application design. Prepare security reports to regulatory agencies. Required Education Bachelor Required Years of Experience Minimum of 10 years of related work experience Basic Qualifications Bachelor's degree from an accredited college or university required, Master's degree in Cybersecurity, Information Technology, Business Administration, or related field preferred Minimum of 10+ years of progressive experience in Cybersecurity, Information Security, IT Operations, or related technical/administrative disciplines within complex enterprise environments At least 4+ years of demonstrated leadership experience managing high-performing teams of 20+ security professionals, including exempt employees, technical leaders, and outsourced Security Operations Center (SOC) resources Ability to obtain and maintain a TS/SCI security clearance is required; U.S. Citizenship required Industry-recognized security certifications such as Certified Information Systems Security Professional (CISSP) strongly preferred; additional certifications such as CISM, CISA, or Security+ are a plus Proven track record of successfully leading enterprise Cybersecurity programs and Security Operations Centers (SOC), including incident response, threat detection, vulnerability management, and continuous monitoring initiatives Extensive knowledge of Cybersecurity technologies, frameworks, architectures, and operational best practices across cloud, network, endpoint, identity, and data security domains Deep understanding of Defense Industrial Base (DIB) security and compliance requirements, including

ITAR, DFARS, NIST 800-171, NIST 800-53, CNSSI 1253, CMMC, ISO

27001, and AS9100 compliance frameworks Demonstrated experience interpreting, reviewing, and negotiating contractual security and compliance requirements, including identifying risk exposure and recommending favorable contract redlines when appropriate Strong understanding of third-party/vendor risk management lifecycle processes, including sourcing, procurement, onboarding, governance, compliance monitoring, and vendor relationship management Financial and operational acumen with experience evaluating business cases, budgeting, depreciation schedules, capitalization strategies, return on investment (ROI), and total cost of ownership (TCO) analyses Proven ability to recruit, mentor, develop, and retain high-performing teams while fostering a culture of accountability, collaboration, and continuous improvement Executive-level communication and presentation skills with the ability to effectively engage internal leadership, customers, auditors, regulatory bodies, and external vendor partners Strong interpersonal and stakeholder management skills with the ability to influence cross-functional teams, build strategic partnerships, and drive alignment across organizational priorities Exceptional analytical and problem-solving capabilities with the ability to balance technical risk, operational efficiency, compliance obligations, and business objectives in a fast-paced environment Demonstrated ability to lead through change, manage competing priorities, and deliver measurable business outcomes through collaboration with internal and external stakeholders Preferred Qualifications Prior experience in the Aerospace & Defense industry. Thorough understanding of Cybersecurity requirements including, but not limited to DFARS 252.204-7012 and

NIST 800-171, CNSSI

1253 and

NIST 800-53, CMMC 2.0, ISO 27001, AS9100

Prior experience leading through Cybersecurity audits and responding to findings with appropriate plans of action. Prior experience leading Cybersecurity Incident Management. Prior experience developing Cybersecurity KPIs and Metrics. Executive presentation skills. Prior experience creating and implementing strategic plans and roadmaps. Prior experience managing $10M+ annual budgets. Summary Salary Range (for ULA

• Denver, ULA
• Cape Canaveral, ULA
• Decatur, ULA
• Vandenberg

AFB, ULA

• Washington DC (CC ULS) only): $172,973.00
• $321,235.

00 Please note that the salary information shown above is a general guideline only. Salaries are based upon a candidate's experience and qualifications, as well as internal equity, market and business considerations. Employees may be eligible for a discretionary annual bonus in addition to base pay. What makes ULA different? Because we understand launch success comes through the collective efforts of a team, we seek the best to join us. We value ethics, ingenuity, engagement and professional development for employees at all levels. We offer our employees competitive pay and benefits including: 401(k) match plus an additional employer contribution Discretionary annual incentive bonus for eligible employees Generous paid time off Flexible work environments Additionally, most salaried ULA team members work a "9/80 schedule," meaning they enjoy every other Friday off. Benefits and work schedules may vary for union-represented hourly positions and are described in the applicable collective bargaining agreement. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Security Clearance / International Traffic In Arms Regulations (ITAR). This position requires use of information which is subject to the International Traffic In Arms Regulations (ITAR). Therefore, all applicants must be U.S. Persons as defined in

ITAR 22 CFR 120.62

(e.g., U.S. Citizen, Lawful Permanent Resident (Green Card holder) or protected individual. See 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3) for additional information). ULA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment. ULA is a participant in the federal E-Verify Program. Posters in PDF format pertaining to this program can be accessed by clicking on the links identified below. E-Verify Participation poster (English / Spanish) and Right to Work Poster (English / Spanish). Colorado Equal Pay for Equal Work Act requires covered employees to follow a post selection notification process. A hired candidate may opt out of this process by notifying the hiring manager in writing at the time the offer is accepted

Nearest Major Market:

Denver