Director of IT & Information Security

At Hidden Level, we’re building the future of airspace awareness through cutting-edge RF sensing technology. Our mission is to make the world safer—whether it’s protecting troops, securing infrastructure, or enabling smarter cities. We design, manufacture, and deploy advanced sensor systems that deliver real-time insights for defense and commercial applications.

Position Overview:

The Director of IT & Information Security is responsible for leading Hidden Level’s Information Technology (IT) function and information security program. This role ensures that enterprise systems, infrastructure, applications, and support services are reliable, secure, scalable, and aligned with business priorities.

This position oversees IT operations, cybersecurity, incident management, change management, security response, and compliance with applicable U.S. Department of Defense (DoD) cybersecurity requirements, including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC).

This is a hands-on leadership role requiring both operational execution and strategic direction to support a growing enterprise organization.

This role is critical to ensuring Hidden Level’s operational continuity, cybersecurity posture, compliance readiness, and enterprise technology maturity as the company supports national security missions.

Location:

Onsite, Syracuse, NY – This role requires frequent travel to multiple locations in the Syracuse area and may include occasional travel to Washington, DC.

Organizational Scope & Reporting:

• The Director of IT & Information Security is responsible for leading Hidden Level’s Information Technology (IT) function and information security program. This role ensures that enterprise systems, infrastructure, applications, and support services are reliable, secure, scalable, and aligned with business priorities.
• This position oversees IT operations, cybersecurity, incident management, change management, security response, and compliance with applicable U.S. Department of Defense (DoD) cybersecurity requirements, including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC).
• This is a hands-on leadership role requiring both operational execution and strategic direction to support a growing enterprise organization.

Responsibilities:

IT Operations & Infrastructure

• Lead enterprise IT operations, including infrastructure, applications, support services, cloud systems, and business systems.
• Own Incident Management, Change Management, and Security Response processes, providing both strategic oversight and hands-on leadership during operationally significant or high-impact events.
• Ensure system availability, reliability, scalability, and operational resilience.
• Develop and manage IT budgets, vendor relationships, infrastructure planning, and technology roadmaps.
• Lead and develop IT personnel and/or managed service providers.
• Support facility expansion, business transformation initiatives, and enterprise growth.

Information Security & Cybersecurity

• Develop, implement, and maintain the company’s information security program.
• Lead cybersecurity operations including vulnerability management, monitoring, incident response, audit readiness, and risk management.
• Oversee implementation of security controls, system hardening, access management, logging, Security Information and Event Management (SIEM), and endpoint protection.
• Provide cybersecurity leadership and guidance to the Information Systems Security Manager (ISSM) and broader IT organization.
• Assess and communicate cybersecurity risks to leadership and stakeholders.
• Support enterprise resilience and security operations, including disaster recovery, digital forensics, insider threat, and compliance-related activities.

CMMC, Compliance & Governance

• Accountable for overall CMMC readiness and certification efforts, with execution led in partnership with the ISSM and supported through established governance, audit oversight, and separation of duties controls.
• Ensure compliance with NIST SP 800-171, DFARS, and applicable contractual or regulatory requirements.
• Oversee maintenance of System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), security policies, and audit documentation.
• Coordinate internal and external audits, assessments, remediation activities, and customer security reviews.
• Support the Cybersecurity Governance Committee and provide executive-level reporting on cybersecurity posture, risks, incidents, and remediation progress.
• Oversee third-party and supplier security risk management.
• Maintainappropriate governance, risk visibility, and separation of duties across IT and cybersecurity functions.

What We’re Looking For:

• Strong leadership presence with the ability tooperatein both strategic and hands-on capacities.
• Ability to build scalable processes, accountability, and operational discipline.
• Strong prioritization, decision-making, and problem-solving skills.
• Cross-functional collaboration across Operations, Engineering, Supply Chain, Program Management, Contracts & Legal, and Executive Leadership.
• Commitment to cybersecurity, compliance, continuous improvement, and enterprise service delivery.

Required Qualifications:

• 15+ years of progressive experience across IT operations, cybersecurity, infrastructure, and compliance leadership with at least 8 years in a regulated environment.
• Proven experience managing enterprise IT infrastructure, cloud environments, applications, and security operations.
• Hands-on experience with NIST SP 800-171 and/or CMMC compliance.
• Experience in a regulated environment such as DoD, aerospace, defense contracting, or similar.
• Experienced people leader withdemonstratedexperience across both operational IT and cybersecurity functions.
• Active U.S. Secret clearance preferred; ability to obtain andmaintaina clearancerequired.
• Strong communicationskills with the ability to translate technical and security risks into business impact.

Preferred Qualifications:

• CISSP, CISM, or equivalent cybersecurity certification and/or experience.
• Experience with ERP systems and enterprise business applications.
• Familiarity with ISO9001, vulnerability management, and secure infrastructure practices.
• Experience working in classified or air-gapped environments.

Compensation and Benefits: Hidden Level offers a competitive salary and a comprehensive benefits package, including health insurance, paid parental leave, flexible time off, 401(k) with employer contributions, life insurance, disability insurance, and potential stock options.

Salary Range: The salary range for this position is estimated at $138,000 to $179,000 annually. Please note that the salary information is a general guideline only. Hidden Level considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.

Equal Opportunity Employer: Hidden Level is an Equal Opportunity Employer. We consider all qualified applicants for employment without regard to race, color, religion, national origin, sex, pregnancy, sexual orientation, gender identity, age, veteran status, disability, or any other status protected by applicable federal, state, or local law.

Security Note: Due to the nature of Hidden Level’s technology, only U.S. citizens can be considered for this position.