Jobs › Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Role at a glance
- Category
- GRC
- Work arrangement
- On-site
- Location
- Pentagon, Arlington
- Salary range
- $151,662 to $219,000
- Posted
- Jul 11, 2026
Department of the Air Force - Agency Wide is hiring a Chief Information Security Officer (CISO) in Pentagon, Arlington. This is a GRC role in the governance, risk, and compliance field, with a posted range of $151,662 to $219,000. Review the full details below and apply directly with Department of the Air Force - Agency Wide.
Click on "Learn more about this agency" button below for IMPORTANT additional information. The primary purpose of this position is to manage and direct all aspects of Department of the Air Force cybersecurity staff functions, serving as the lead cybersecurity advisor and establishing DAF-wide cybersecurity strategies and policies. Qualifications: Eligibility will be based upon a clear showing the applicant has education, training, and experience of the scope and quality sufficient to effectively carry-out the duties of the position. Candidates must exemplify the corporate perspective, leadership vision, broad experience and character needed in the SES corps not only to satisfy the immediate vacancy, but future vacancies which will occur in a variety of organizations, functions and locations. Candidates will not be hired based on their race, sex, color, religion, or national origin. In accordance with new OPM requirements to streamline Senior Executive Service (SES) hiring, applicants are no longer required to submit lengthy narrative essays, including those for Executive Core Qualifications (ECQs) or Mandatory Technical Qualifications (TQs), when applying. Instead, the initial application will be resume-only, capped at two pages. This change streamlines the application process and more closely aligns with private industry practices. Applicants identified for potential selection will have their ECQs assessed by undergoing a structured interview with the Office of Personnel Management (OPM) Qualifications Review Board (QRB). To meet the minimum qualification requirements for this position, you must show that you possess the education, Technical Qualifications (TQ), and Executive Core Qualifications (ECQ) related to this position within your resume (not to exceed 2 pages). Resumes over the 2-page limit will be disqualified. Your resume should include examples of experience, education, and accomplishments applicable to the qualification(s). If your resume does not reflect demonstrated evidence of the ECQs and TQs, you may not receive further consideration for the position. CERTIFICATIONS: The incumbent must possess or be willing to achieve Cybersecurity Workforce Management certification (8570.01 IAM level III) or equivalent within one year of gaining the position. TECHNICAL QUALIFICATIONS (TQs): Your resume should demonstrate accomplishments that satisfy the technical qualifications. TQ 1: Demonstrated executive-level experience in directing enterprise-wide
Full responsibilities and requirements are on Department of the Air Force - Agency Wide's application page.
Apply for this role →Location and market context
This role is based in Pentagon, Arlington on-site. Local candidates benefit from being close to Department of the Air Force - Agency Wide's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About cybersecurity governance roles
Cybersecurity governance connects security control frameworks to business and regulatory risk, covering policy, risk assessment, and control assurance rather than hands-on operations. Roles like this one are typically evaluated against frameworks such as NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices.
How to position yourself for this cybersecurity governance role
Strong candidates emphasize security control frameworks, risk assessment, policy and standards, and translating technical security posture into governance and board-level reporting. In your resume and outreach, tie your experience to how Department of the Air Force - Agency Wide would apply NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location