# Contract Security Officer

> Stafford Gray · Lansing, United States (Hybrid) · Contract · Posted 2026-07-16

**Workplace:** hybrid

## Description

Stafford Gray is seeking an experienced Contractor Security Officer to serve as the dedicated security and compliance lead on a State of Michigan (DTMB) engagement. This is a leadership-facing role, not a hands-on-keyboard analyst position: the Security Officer owns the project's security posture from day one, acts as the single point of accountability for compliance matters between the delivery team and state stakeholders, and ensures that every aspect of service delivery meets the state's security standards. The right candidate has spent years running security for complex engagements and is comfortable operating in a public-sector environment where documentation, auditability, and stakeholder communication are as important as technical controls.

**Key Responsibilities:**

-   Own and manage the complete security program for the project, ensuring alignment with State of Michigan security policies, standards, and contractual security requirements
-   Serve as the primary security and compliance liaison to client stakeholders — fielding compliance inquiries, coordinating security reviews, and representing the delivery team in audit and assessment activities
-   Facilitate compliance activities end-to-end: gathering evidence, maintaining security documentation and artifacts, tracking remediation items to closure, and reporting status to both internal leadership and state contacts
-   Establish and enforce secure delivery practices across the project team, including access management, data handling procedures, and incident response protocols
-   Motivate, guide, and coach project staff to ensure secure, accurate, efficient, and timely delivery of services — building a security-conscious culture rather than policing one
-   Identify, assess, and communicate security risks proactively; escalate issues with clear remediation recommendations
-   Maintain awareness of applicable regulatory and framework requirements (e.g., NIST 800-53, CJIS, HIPAA, IRS Pub 1075 — _confirm with client which frameworks govern this engagement_) and translate them into practical guidance for the team

## Requirements

**Required Qualifications:**

-   **5+ years of experience managing security** for projects or programs of similar size and scope — candidates must be able to name the specific projects and the years the experience was obtained
-   **5+ years of experience facilitating compliance** for clients and external stakeholders, including audit support, evidence collection, and compliance documentation
-   Demonstrated ability to lead and guide staff — motivating a delivery team toward secure, accurate, efficient, and timely outcomes
-   Excellent written and verbal communication skills; comfortable presenting security posture and compliance status to non-technical stakeholders
-   Strong organizational skills with a track record of maintaining audit-ready documentation
-   **Education:** Bachelor's degree (institution will be listed in the submission — must be verifiable)
-   **Certification:** One or more actively held security certifications (e.g., CISSP, CISM, CISA, CRISC, Security+) — credential IDs required at submission

**Preferred Qualifications:**

-   Prior State of Michigan, DTMB, or other state/local government project experience
-   Experience working within a staff-augmentation or managed-services delivery model
-   Familiarity with security assessment and authorization (SA&A) processes in a public-sector context
-   Experience responding to formal RFP/RFS security requirements and bidder documentation

## Apply

[Apply at Stafford Gray](https://apply.workable.com/staffordgray/j/BC728788E2/apply)

---
Powered by [Workable](https://www.workable.com)
