Security Compliance Lead

Responsibilities

• Lead the CPCSC certification program from the ground up, including the controls register, evidence collection, and managing the assessor relationship.
• Drive audit readiness for Level 1 and Level 2 certifications.
• Establish and manage third-party risk assessments, including vendor due diligence, scoring, and ongoing monitoring.
• Oversee the Controlled Goods Program, including registration, security plans, and access controls.
• Manage security flow-downs and contractual security obligations for federal and defense contracts.
• Handle export-control obligations and personnel security/clearance administration.
• Build and run the company's security awareness and training program.
• Own the security policy suite and ensure all policies are mapped to relevant controls.

Requirements

• Hands-on experience building or running a security compliance program (e.g., CPCSC, CMMC, ISO 27001, NIST SP 800-171, or controlled goods).
• Fluency in controls frameworks such as ITSP.10.171, NIST SP 800-171, CMMC, or ISO 27001.
• Proven experience in third-party and supply-chain risk management.
• Ability to design, implement, and defend security controls to external assessors.
• A builder's temperament with the ability to thrive in ambiguous, fast-paced environments.

Benefits

• Competitive base salary and company equity.
• Comprehensive health benefits.
• Additional equity grants based on impact.

About the Company

Dominion Dynamics builds real defense capability for the Canadian Armed Forces and our allies. We operate in a high-trust environment with rapid iteration, delivering systems that are currently in the field.