Unison, a software product and services company in Dulles, VA., seeks an experienced Information Security Officer (ISO) to drive security compliance (e.g. FISMA, FedRAMP) for multiple hosting environments and proactively assist with new security projects across the organization. For over 25 years, Unison has been providing Acquisition and Grant Management software products to Civilian, DoD, and Intel agencies in the Federal Government, and to the Federal contractor community. In addition, Unison has a growing hosting business for its software products.
The ideal candidate will have demonstrated security experience working with on premise and cloud system deployments (SaaS) and should be very comfortable with a wide array of technical and operations knowledge; including system administration, operating systems, virtualization technology, networking (TCP/IP, DNS, Directory Services included), and application security. The candidate must also be able to work well with management, hosting support teams, and application development teams while integrating security solutions or supporting security assessments / audits. Knowledge of DoD Information Security directives and processes is a plus.
Lead continuous monitoring or periodic security review activities for various hosted environments, systems admin scanning
Support security administration activities across the organization
Ability to use and interpret results from vulnerability scanning tools (Tenable Nessus, AppScan, etc. BurpSuite) and understand vulnerabilities in security systems
Maintain up-to-date security documentation for compliance-based systems
Proactively manage system risk and system vulnerabilities
Understand the potential business impacts of proposed new controls and of security risks from new business and IT initiatives across the IT organization
Act as a knowledge bridge between IT / Hosting staff and the Security Team during periodic reviews of information security controls
Create and/or participate in process development to meet security procedural controls
Position themselves as a trusted advisor sought out by IT / hosting management for advice and guidance on security issues
Maintain an active and working knowledge of current security risks
Maintain an active and working knowledge of security regulations and frameworks for Federal, DoD, and commercial organizations (e.g. FedRAMP, FISMA, ISO 27000, CSA, etc.)
When and if necessary, the ISO will also participate in Unison's incident management process as an information security subject matter expert and will, on occasion, meet with clients to discuss information security implementation and capabilities.
Experience, Skills/Abilities, and Education:
B.A. or B.S. in relevant field of study (Advanced degree preferred)
5-8 years of information system security and/or security management/leadership experience
Experience in large enterprise systems
Experience in meeting compliance activities for FISMA / FedRAMP environments
Expert knowledge of cyber security principles
Understand the architecture of infrastructure security systems and deployments and work with management to address potential issues.
Strong written and oral communication skills
CISA, CISM, CISSP, CCSP or similar certification preferred
Top Secret Clearance preferred. Candidate must be a U.S. Citizen and be eligible to obtain a Security Clearance (Secret or higher)
Physical Requirements: Qualified candidates will need to be able to move/traverse throughout multiple facilities