Deputy CISO
$180k - $220kRK&K
Deputy Chief Information Security Officer
RK&K is seeking a Deputy Chief Information Security Officer to lead the development and execution of a dedicated cybersecurity program. Reporting directly to the Chief Information Officer, the Deputy CISO will be responsible for all cybersecurity operations, cyber risk management, security architecture, incident response, governance, compliance, and the long-term strategy required to protect RK&K's people, data, systems, clients, and business operations.
This is a foundational leadership role. This position will be responsible for building a standalone cybersecurity function from the ground up. The Deputy CISO will separate cybersecurity responsibilities from traditional IT operations, establish clear ownership of security controls and risk decisions, and create a scalable security operating model that supports RK&K's continued growth.
The Deputy CISO will partner closely with the CIO to define cybersecurity strategy, prioritize investments, strengthen cyber resilience, and align security initiatives with business objectives. This role requires a hands-on leader who can operate strategically while also building practical capabilities, policies, processes, tools, and teams.
Essential Functions
Cybersecurity Leadership and Strategy
- Serve as RK&K's senior cybersecurity leader responsible for day-to-day cyber operations and execution of the firm's cybersecurity roadmap.
- Partner with the CIO to develop, maintain, and execute a multi-year cybersecurity strategy aligned with RK&K's business goals, client expectations, regulatory obligations, and risk appetite.
- Provide regular reporting to the CIO and executive leadership on security posture, risk trends, major initiatives, incidents, metrics, and investment needs.
- Advise the CIO on cybersecurity budget priorities, technology investments, staffing plans, vendor selection, and risk tradeoffs.
- Create annual and multi-year security plans with measurable goals, timelines, milestones, and success criteria.
- Represent cybersecurity in strategic technology planning, enterprise architecture decisions, digital transformation initiatives, acquisitions, client requirements, and major business initiatives.
Cyber Operations
- Develop and lead RK&K's cyber operations program, including security monitoring, detection, response, vulnerability management, endpoint security, identity security, email security, cloud security, and threat management.
Governance, Risk, and Compliance
- Develop and lead RK&K's cybersecurity governance, risk, and compliance program.
- Lead a formal cyber risk acceptance and exception process.
- Align cybersecurity compliance with contractual, regulatory, client-driven, and industry-specific cybersecurity requirements.
Security Architecture and Engineering
- Establish security architecture principles, standards, and review processes for infrastructure, applications, cloud services, networks, endpoints, and identity platforms.
- Partner with IT operations and enterprise architecture teams to ensure security is embedded into technology design and implementation.
Data Protection and Privacy Support
- Establish data protection strategies for sensitive business information, client data, employee data, financial data, intellectual property, and regulated information.
- Establish security requirements for document management, collaboration platforms, file shares, project data, client deliverables, and mobile access.
Incident Response, Resilience, and Business Continuity
- Develop incident response policies, plans, playbooks, communication templates, escalation matrices, and decision trees.
- Conduct tabletop exercises with executive leadership, IT, legal, HR, finance, communications, and business stakeholders.
- Establish ransomware readiness plans, including containment strategies, backup validation, recovery priorities, communication plans, and decision-making processes.
- Ensure backup environments are protected from compromise, unauthorized deletion, encryption by ransomware, and credential abuse.
- Define and maintain metrics for mean time to detect, mean time to respond, incident volume, root causes, recurring issues, and control failures.
Required Skills and Experience
Bachelor's degree in computer science, information technology, business administration, or related field. 10 or more years of progressive experience in information technology, cybersecurity, risk management, security engineering, infrastructure, or related disciplines. 5 or more years of cybersecurity leadership experience, including responsibility for security operations, incident response, governance, or cyber risk management. Experience developing cybersecurity strategy, roadmaps, policies, standards, operating models, and governance processes. Strong understanding of cybersecurity operations, including monitoring, detection, response, vulnerability management, endpoint security, identity security, and incident response. Experience with cyber risk assessments, risk registers, control maturity assessments, remediation planning, and executive risk reporting. Experience leading incident response activities, tabletop exercises, post-incident reviews, and cyber crisis coordination. Familiarity with enterprise security technologies such as SIEM, EDR/XDR, MDR, vulnerability management platforms, firewalls, email security, identity platforms, DLP, CASB, PAM, and cloud security tools. Strong knowledge of identity and access management, privileged access, multi-factor authentication, conditional access, single sign-on, and access reviews. Experience supporting security audits, client questionnaires, contract security requirements, cyber insurance, or compliance reviews. Ability to lead strategically while also operating hands-on in a developing security environment.
Preferred Skills and Experience
Professional certifications such as CISSP, CISM, CISA, CRISC, GIAC, CCSP, CGRC, or similar credentials. Experience supporting organizations with distributed offices, remote employees, field operations, project-based work, or client-driven security requirements. Experience developing or overseeing managed detection and response, managed SOC, or co-managed security operations models. Experience with data classification, data loss prevention, records management, secure collaboration, and document protection. Experience with business continuity, disaster recovery, ransomware readiness, and backup resilience. Experience presenting cybersecurity risks, plans, and investment needs to executive leadership or board-level audiences. Experience leading organizational change, especially where security responsibilities are being separated from legacy IT operations.
Other Duties
This job description indicates the general nature and level of work, knowledge, skills, abilities, and other essential functions (as covered under ADA). It is not designed to cover or contain a comprehensive listing of all activities and duties required of the employee. Other duties are assigned as required.
What We Offer
RK&K offers excellent potential for career advancement and professional growth. We also offer attractive compensation packages commensurate with experience and a comprehensive benefits package including:
- Paid time off
- Matching 401(k) plan
- Student Loan Retirement Match Program
- Paid Holidays
- Tuition reimbursement
- Health, dental, vision, life, and disability insurances
- Paid parental leave
- Wellness programs and employee resource groups
- Career Development
- Much, much more!
Why RK&K?
As a full-service engineering and construction management firm, RK&K gives you the opportunity to directly impact the communities in which we live and work. What sets RK&K apart is an award-winning culture that has fostered a spirit of collaboration and trust for over 100 years. To its clients, the firm delivers concepts, processes, and outcomes designed for success. RK&K has earned its reputation as a trusted partner, responsive employer, and community steward.
Design your career at RK&K—Apply Today!
Visa Sponsorship: This position is not eligible for employer-sponsored work authorization. Applicants must be currently authorized to work in the United States without the need for current or future sponsorship.
Salary Range: $180K-$220K
- ...Chief Information Security Officer (CISO) Hartman Executive Advisors was founded with the vision of providing business‑focused, vendor‑independent consulting to mid‑sized companies. As independent, trusted strategic advisors to our clients, Hartman’s mission is to create...SuggestedFull timeTemporary work
$110.6k - $178k
...executive summaries, dashboards, and recommendations tailored to the needs of different executive audiences (e.g., Board of Directors, CISO, CIO, IT leaders).* Synthesize complex technical information into clear, actionable insights for non-technical stakeholders.* Lead...SuggestedFull timeLocal area$104k - $166k
Responsibilities Peraton is seeking a Cybersecurity Vulnerability Analyst in our Linthicum, MD office in support of our Department of Defense (DoD) customer as part of a highly talented, highly motivated, and high-performing team. This position offers a unique opportunity...SuggestedContract workWork at officeShift work- Information Systems Security Officer (ISSO) Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment...SuggestedFull timeLocal areaRemote workFlexible hours
$112k - $179k
Responsibilities Peraton is seeking a Information Systems Security Officer in our Linthicum, MD office in support of our Department of Defense (DoD) customer as part of a highly talented, highly motivated, and high-performing team. This position offers a unique opportunity...SuggestedFull timeContract workWork at officeMonday to FridayShift work$7.5k
Senior Information Systems Security Officer Location: Central Maryland Security Clearance Required: Security Clearance with appropriate Polygraph Preferred Job Brief Evaluating security solutions to ensure compliance with requirements for processing classified...Work experience placementImmediate startFlexible hours- ...latency global networking that supports 40% fully remote workforce and geographically dispersed engineering teams.* Partnering with the CISO, Lead the evolution toward hybrid/multi-cloud environments, software-defined data centers, and zero-trust security architectures.**...Work at officeRemote workFlexible hours
- Digital Forensic Analyst Employment Type: Full-Time, Mid-Level Department: Forensics CGS is seeking a Digital Forensic Analyst whose primary focus will be on the preservation & collection of mobile device and cloud‑stored data. This candidate should be fluent in a broad...Full timeWork at officeRemote workFlexible hours
$69k - $86k
Transdev is seeking an experienced IT Manager in Linthicum, Maryland, responsible for overseeing IT and communications functions within the organization. This role includes providing technical support for desktop and in-vehicle systems while collaborating with multiple...- Digital Forensic Analyst Employment Type: Full-Time, Mid-Level Department: Forensics CGS is seeking a Digital Forensic Analyst whose primary focus will be on the preservation & collection of mobile device and cloud‑stored data. The ideal candidate should be fluent in a...Full timeWork at officeRemote workFlexible hours
$120k - $150k
Position Overview The Director of Technology works closely with faculty, staff, and leadership to ensure NDP’s technology environment supports both operational efficiency and educational innovation. This senior leadership role is responsible for both strategic oversight...Contract work$170k - $180k
Join to apply for the Director of Information Technology role at Lieber Institute for Brain Development Join to apply for the Director of Information Technology role at Lieber Institute for Brain Development Get AI-powered advice on this job and more exclusive...Full timeWork at officeLocal area- Excelsia Injury Care provides management services to a network of healthcare companies, supporting them in delivering comprehensive rehabilitation, diagnostic, surgical, and pain management services for individuals affected by post‑traumatic neuro‑musculoskeletal injuries...Local area
- Chiropractor Excelsia Injury Care provides management services to a network of healthcare companies supporting them in delivering comprehensive rehabilitation diagnostic surgical and pain management services for individuals affected by post-traumatic neuro-musculoskeletal...Local area
$90k - $100k
IT Director This is a full-time, in office position, Monday-Friday, 40 hours per week. Starting salary around $90,000-$100,000, depending on experience. The Information Technology ("IT") Director serves as the senior leader responsible for the vision, strategy, and...Full timeContract workWork at officeMonday to Friday$102.17k
Company Overview If you are passionate about water and technology, Trinnex is the place for you! Trinnex is a visionary company that is transforming the way water resources are managed and protected. By combining cutting-edge digital technologies, such as sensor/IoT...H1b$112k - $179k
Responsibilities This Cyber Threat Analyst position supports the Federal Government and participates as a team member performing threat analyses based on knowledge of cybersecurity and concepts supporting intelligence analysis requirements for all‑source cyber analysis...Full timeContract workMonday to FridayShift work- Stanley Black & Decker is seeking a Cyber Program Manager in Towson, MD, responsible for optimizing cybersecurity initiatives and ensuring data-driven decision-making. The role involves developing metrics, managing programs, and engaging executive stakeholders. The ideal...Remote job
- A leading tech company in Baltimore is looking for a Chief Information Officer to drive the vision and strategy for enterprise technology. The CIO will oversee IT operations, ensuring robust infrastructure and cybersecurity while guiding data strategy and AI implementation...Remote work
$78k - $250k
TO BE CONSIDERED FOR THIS POSITION YOU MUST HAVE AN ACTIVE TS/SCI W/ FULL SCOPE POLYGRAPH SECURITY CLEARANCE (U.S. CITIZENSHIP REQUIRED) Hardware & software inventory updates & change log updates Work various Secure The Enterprise (STE) & Secure The Network (STN...Temporary workRemote workFlexible hours- Chief Advancement Officer (CAO) About the Company Esteemed research & treatment center for children with neurodevelopmental disorders Industry Management Consulting Type Non Profit Founded 1937 Employees 1001-5000 Categories Consulting & ...
- ...Management 25 South Charles St. Baltimore, MD 21201 Main Purpose of Job This is a senior management position that serves as the Deputy Chief Financial Officer for Financial Services (DCFO-FS) within the Office of Budget and Finance (OBF) for the Department of Human...Full timeWork at officeLocal areaRemote work
$215k - $245k
Established in 1991 by Dr. Robert W. Deutsch, the Robert W. Deutsch Foundation is a private foundation committed to improving the lives of Baltimore residents and strengthening the vitality of the city’s neighborhoods. Guided by a deep belief in the power of philanthropy...Local areaFlexible hours$155k - $200k
A leading cyber security firm is seeking a Sales Engineer to engage closely with prospects, delivering technical demonstrations and leading training sessions. The ideal candidate has over 5 years of experience in technical roles within cyber security, solid communication...- Position: Survey Crew Chief Location: Baltimore, MD (On-Site) Clearance: N/ Summary Our client is currently seeking applicants interested in a Survey Crew Chief position at their Baltimore office. The Survey Crew Chief will supervise the...Temporary workWork at officeLocal areaFlexible hoursNight shift
$144.9k - $265.8k
Digital Identity & Authentication SME (Microsoft Entra, Okta, Ping, Saviynt) Overview In today’s rapidly evolving IT landscape, organizations face increasingly complex cybersecurity risks and regulatory pressures. Identity—both human and non-human—is at the core of every...Work experience placementSummer holidayFlexible hours- ...daily calendar of the EVP by scheduling internal and external meetings, travel and events. Work with the Executive Specialist and Deputy Chief of Staff to resolve scheduling conflicts, prioritize requests, and confirm meeting details and expectations. Work closely...Work at officeRemote workDay shiftAfternoon shift
$60k - $110k
At Whitman, Requardt & Associates, LLP, we are "People Focused and Project Driven". We have been in business for more than 110 years and we are known for our quality work and quality employees. This is your chance to join our team - help us to design the infrastructure ...Full timeTemporary workH1bFlexible hoursNight shift$85.9k - $129.7k
Job Summary Information Systems Security Officer - Hunt Valley (Job Number: 331102) Provide information systems security support from a managerial and technical standpoint for DoD and Non-DoD classified systems and networks. Standing up and maintaining accreditations for...- Are you passionate about music and making a difference in the lives of the next generation of talented music students in Baltimore City Schools? Next Up Music & Culture is looking for Board Members and Event Volunteers. As a Board Member You Will: Participate in board...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Deputy CISO. Be the first to apply!
- remote ciso
- ciso
- information systems security officer
- business information security officer
- business information security officer biso
- chief information security officer
- information security officer
- information systems security officer sso
- chief information security officer ciso
- information security officer iso


