Field CISO in Virginia Beach, Virginia at Mythics

As a federal government contractor and a recipient of federal funding, Mythics and Emergent is required to abide by the Drug-Free Workplace Act, which requires Mythics and Emergent to provide a drug-free workplace, among other obligations. As part of this effort, Mythics and Emergent requires pre-employment drug tests for all candidates for employment. Please note that marijuana (including medical marijuana) is designated as a controlled substance under federal law and will be screened for in the drug test.

Emergent, a subsidiary of Mythics, LLC, is an award-winning IT solutions provider and value-added reseller based in Virginia Beach, Virginia. Since 2006, Emergent has specialized in solving complex challenges and delivered best-of-class technology solutions to operations in all levels of government, education, and commercial organizations worldwide. At Emergent, we are looking for motivated people with the expertise and insight to tackle the toughest client issues.

Because at Emergent, YOU count! At Emergent, our Corporate Values are at the foundation of everything we do. Our values, Respect – Empathy – Excellence – Fun (REEF), have created an environment that fosters creative thinking, respects your contributions, and accepts nothing less than excellence in serving our customers. At Emergent, you will experience a truly enjoyable corporate culture.

Enjoy Tailored Benefits to Suit Your Needs with our Flexible Options. Our benefit options include:

• Comprehensive Health, Dental, and Vision plans
• Premier 401k retirement plan with corporate matching and a 529 college saving plan
• Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
• Legal Resources

Unlock Exclusive Benefits for Full-Time Employees:

• Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
• Employee referral program
• Employee recognition, gift and reward program
• Tuition reimbursement for continuing education
• Remote or hybrid work options
• Engaging company events such as team building activities, annual awards and kick-off parties
• Health and wellness-focused activities
• Relaxation Spaces
• In-office gourmet coffee, tea, fresh fruit and healthy snacks
• Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices

Emergent, LLC is an equal opportunity employer. In accordance with applicable federal, state, and/or local law, all qualified applicants will receive consideration regardless of race, color, religion, national origin, sex, disability, sexual orientation, gender identity, age, marital status, medical condition, veteran status, or other factors protected by law. We offer equal opportunity in compensation, advancement opportunities, and all other terms and conditions of employment. As a federal government contractor, Emergent has developed and maintains a written Affirmative Action Program relating to individuals with disabilities and protected veterans, which sets forth the policies, practices and procedures to which the Company is committed in order to ensure that its policy of nondiscrimination and affirmative action for qualified individuals with disabilities and protected veterans is followed. For those unable to complete an online application, alternative methods are available by contacting accommodationrequests@mythics.com. For more information about Federal laws prohibiting job discrimination, please read Know Your Rights.

The Field CISO is a senior, client-facing cybersecurity leadership role responsible for supporting revenue generation through advisory-led assessment engagements and related services. This position partners with sales and delivery teams to provide executive-level technical credibility, lead cybersecurity assessments, deliver findings to senior client stakeholders, and convert assessment outcomes into follow-on services and OEM solution engagements. The role balances advisory responsibilities with commercial objectives. The Field CISO does not own client accounts but is accountable for enabling assessment sales, influencing services pull-through, and supporting revenue outcomes through expertise, credibility, and executive communication.

Duties and Responsibilities:

Revenue Enablement and Sales Support

• Partner with Account Executives to support identification, qualification, and closure of cybersecurity assessment engagements, including:
• Cyber Exposure & Defense Optimization (CEDO)
• Exposure Reality Check (ERC)
• Shadow AI & Non-Human Identity (NHI) Exposure Assessments
• Participate in client discovery and qualification calls to identify appropriate assessment entry points (e.g., compliance requirements, renewal cycles, budget reviews, executive inquiries).
• Provide technical and executive-level credibility during pre-sales discussions to support commercial outcomes.
• Address advanced technical and architectural objections during the sales cycle as required.
• Support multi-stakeholder client conversations involving security, IT, compliance, finance, and executive leadership.
  
  

Assessment Delivery and Client Outbriefs

• Lead or co-lead assessment outbriefs to CISOs and executive stakeholders, presenting findings in risk, financial, and operational terms.
• Validate technical findings, including MITRE ATT&CK mappings, control coverage analysis, overlap assessments, and exposure identification.
• Ensure assessment outputs are accurate, defensible, and aligned with documented methodology.
• Translate technical findings into clear remediation priorities and recommended next steps.
• Ensure appropriate follow-on conversations (services, advisory, or OEM evaluations) are introduced during or immediately following the outbrief.
  
  

Services and Solution Alignment

• Identify opportunities for post-assessment remediation and advisory services, including but not limited to:
  • Security stack rationalization
  • Non-Human Identity (NHI) remediation
  • Secrets management and privileged access initiatives
  • AI governance and policy development
  • Zero Trust architecture and identity programs
• Support scoping of project-based and recurring advisory engagements derived from assessment findings.
• Provide vendor-agnostic guidance connecting findings to appropriate solution categories, while supporting OEM solution pull-through where applicable.
  

Ongoing Advisory and Market Engagement

• Serve as a senior advisory resource to clients following assessments, including participation in periodic security reviews or executive discussions as contracted.
• Represent the organization at industry events, roundtables, and sector-specific forums as requested.
• Maintain awareness of regulatory, threat, and compliance developments relevant to supported markets.
• Contribute subject matter expertise to internal teams and, as appropriate, external thought leadership initiatives.

Other Duties

• Perform all other duties, as assigned

Minimum Requirements:

• Bachelor’s Degree in an IT-related field or equivalent work experience, required.
• 15 or more years of professional experience in cybersecurity or information security.
• Minimum of 3 years serving in a CISO, Deputy CISO, Field CISO, vCISO, or equivalent senior security leadership role with direct accountability for enterprise security outcomes.
• Demonstrated experience engaging directly with executive-level stakeholders (CISO, CIO, CFO, or equivalent).
• Experience supporting or leading client-facing security assessments, advisory engagements, or risk analysis initiatives.

Preferred Requirements:

• Active or previously held security certifications (e.g., CISSP, CISM, or equivalent).
• Active or previously held security clearance supporting Federal or DoD client environments.
• Prior experience in a vendor, VAR, consulting, or advisory CISO role.

Knowledge / Skills / Abilities (KSAs):

• Advanced knowledge of the MITRE ATT&CK framework, including tactics, techniques, sub-techniques, and control coverage analysis.
• Strong understanding of modern enterprise security architectures, adversary tradecraft, and exposure management concepts.
• Ability to translate technical security findings into business, risk, and financial language appropriate for executive audiences.
• Experience structuring, scoping, and delivering defensible cybersecurity assessments or advisory engagements.
• Working knowledge of security technologies commonly evaluated through assessments, including EDR/XDR, SIEM/SOAR, IAM, PAM, IGA, vulnerability management, secrets management, Non-Human Identity (NHI) management, and GRC platforms.
• Ability to operate effectively in a revenue-influenced, matrixed environment, partnering with sales and delivery teams to support commercial outcomes.
• Strong verbal and written communication skills, with the ability to engage both technical practitioners and senior executives with credibility.
• Working knowledge of applicable regulatory and compliance frameworks, including NIST SP 800-53, NIST CSF, FISMA, CMMC, and Zero Trust guidance.