Remote (Global)

RegScale is hiring a Product Solutions Owner - Department of War

About the Role

RegScale is hiring a Product Solutions Owner to own product strategy and execution for the Department of War (DoW) vertical. This role serves as the subject matter expert for DoW Cyber GRC, translating customer and mission needs into actionable product requirements to help customers achieve cybersecurity outcomes and accelerate Authorizations to Operate.

What You'll Do

  • Own the DoW product strategy and execution roadmap, ensuring alignment with customer needs, mission requirements, and market demands.
  • Serve as the subject matter expert (SME) for DoW Cyber GRC within the RegScale product organization.
  • Own solution definition and success for the DoW vertical, ensuring platform alignment with RMF, NIST 800-53, CNSSI 1253, CMMC, NIST CSF, and related DoW directives.
  • Define requirements for Impact Level (IL4/IL5/IL6) deployment readiness for DoW cloud environments.
  • Champion RBAC and access control requirements reflective of DoW organizational hierarchies and role-based workflows.
  • Inform enterprise risk scoring capabilities that align with DoW risk tolerance models and continuous monitoring mandates.
  • Partner with customers and prospects to identify pain points, use cases, and success criteria.
  • Synthesize customer feedback and market research to drive data-informed product decisions.
  • Work with DoW customers to develop public customer references and case studies.
  • Translate customer and mission needs into clear, actionable product requirements and user stories.
  • Collaborate closely with Product Management and Engineering to guide solution design, prioritization, and validation.
  • Lead the integration of automation and emerging technologies, particularly AI, to transform DoW risk and compliance management.
  • "Accept" product builds for your area, ensuring solutions meet functional, security, and compliance expectations.
  • Represent RegScale at DoW and defense industry events, conferences, and customer meetings.
  • Partner with Sales, Marketing, and Customer Success to enable go-to-market readiness and customer value realization.

What We're Looking For

  • 10+ years of experience directly managing cybersecurity governance, risk, and compliance within the Department of War (or formerly DoD) as an ISSM, Component Security Control Assessor (SCA), or Authorizing Official (AO).
  • Deep expertise in DoW RMF workflows, including NIST 800-37, CNSSI 1253, NIST Cybersecurity Framework, and the end-to-end ATO lifecycle.
  • Strong understanding of DoW Control Tailoring, DoW Tier structure, and DoW-specific overlays and parameters.
  • Hands-on experience with eMASS, including all aspects of the control and package approval chain.
  • Strong familiarity with DoW technical assessments: DISA STIGs, SCAP benchmarks, ACAS, CMRS, and DoW hardening standards.
  • Understanding of DoW Impact Levels (IL2–IL6), FedRAMP+ requirements, and operating in classified and CUI environments.
  • Proven ability to translate complex DoW compliance requirements into actionable processes or technical product requirements.
  • Experience successfully scaling a compliance program using tools and enablers; managing ATO processes across large, complex DoW portfolios.
  • Strong communication skills to engage with DoW leadership, executive stakeholders, technical contributors, and external audiences.
  • Experience collaborating cross-functionally across business, product, and technology teams.
  • Passion for innovation and a desire to help modernize how the DoW approaches cybersecurity compliance.

Nice to Have

  • Prior experience in a product, solution management, or consulting role within a software or SaaS company serving the DoW market.
  • Familiarity with CCM, automation, or continuous compliance platforms.
  • Strong understanding of how AI and LLMs can be embedded into enterprise platforms to enhance productivity and deliver ROI.
  • AI Governance experience.
  • Fluency with product development tools including JIRA, Figma, and collaboration platforms like Confluence.
  • DoW CSWF-relevant certifications such as CISSP, CISM, CASP, CISA, CEH.
  • Thought leadership and/or market presence in the DoD GRC space (speaking, writing, community participation).
  • Experience with DoD DevSecOps initiatives, cATO (continuous ATO), and the Software Factory model.
  • Active DoW security clearance.

Technical Stack

  • eMASS
  • AWS GovCloud
  • Azure Government
  • DISA milCloud
  • JIRA
  • Figma
  • Confluence

Team & Environment

This role is part of the product organization, collaborating closely with Product Management and Engineering.

Work Mode

This is a remote position.

Required Skills

  • eMASS
  • AWS GovCloud
  • Azure Government
  • DISA milCloud
  • JIRA
  • Figma
  • Confluence
  • Product Ownership
  • DoD Compliance
  • Agile Methodologies
  • Stakeholder Management
  • Requirements Analysis
  • Government IT
  • Cloud Platforms
  • Security Frameworks

About company
RegScale

RegScale is a purpose-built cyber GRC platform designed to enable the CISO to track and monitor security controls. It bridges security, risk, and compliance through controls lifecycle management, leveraging Continuous Control Monitoring (CCM) instrumentation to deliver massive compliance process improvements.

Job Details
Category product
Posted a month ago