Katie Arrington is returning to the Pentagon in a new role as chief information security officer at the Defense Department Office of the Chief Information Officer, marking a full-circle moment for the former acquisition official who served as the public face of the Cybersecurity Maturity Model Certification program during President Trump's first term.
Arrington announced her new job in a Feb. 19 LinkedIn post with no details on what she will be doing as DOD CISO. She was tapped to lead the development of the CMMC program in July 2019 within the office of the under secretary of defense for acquisition and sustainment, where the CMMC Program Management Office was initially based.
The CMMC program was paused in early 2021 under the direction of then-Deputy Defense Secretary Kathleen Hicks who came in at the start of the Biden administration. Arrington was put on suspension in the summer of 2021 over her alleged sharing of classified information outside of DOD.
Arrington officially resigned in February 2022 from DOD and announced a run for a House seat in South Carolina in the 2022 election cycle. She lost in the primary election to incumbent Rep. Nancy Mace (R-SC) who was selected in the 118th Congress to serve as chair of the House Oversight cyber subcommittee.
Arrington joined supply chain firm Exiger in January 2024 as vice president of government affairs.
The CISO job at the DOD CIO was posted on USAJobs in January after acting DOD CIO Leslie Beavers moved David McKeown into a new job as special assistant for cybersecurity innovation. Sudha Vyas, chief cybersecurity architect at DOD CIO, was made acting DOD CISO and acting principal director for cybersecurity.
In a February 2022 memorandum, Hicks moved the CMMC PMO over to the DOD office of the CIO and eliminated Arrington’s previous job as CISO at A&S. DOD did not respond to a request for comment on Arrington’s new role at the DOD CIO office as of publication time.