Information Security Officer

What success looks like in this role: Position SummaryThe Unisys Information Security Officer (ISO) provides dedicated cybersecurity leadership in support of critical Virginia based Client. This role is responsible for helping the Client to implement, manage, and govern information security programs that protect the Client’s systems, services, and data.The Unisys ISO works closely with the Client CISO team, leadership, and stakeholders across the Client to ensure compliance with IT security standards, perform risk assessments, support incident response, and deliver strategic security guidance. Ideal candidate has strong project management (PM) skills, technical grasp of Cybersecurity, and a deep understanding of System Security Plans, Business Impact Analysis, and Cybersecurity Risk Registers.Key Responsibilities1. Security Governance & ComplianceDevelop, refine, and maintain agency-aligned security policies, controls, and documentation.Assist Client and assigned agencies with audits, compliance reviews, and remediation planning.Ensure adoption of NIST-aligned risk management and security control frameworks.2. Risk ManagementConduct or assist with enterprise risk assessments, data classification, and security control evaluations for Client and supported agencies.Identify security gaps and recommend risk-based remediation strategies.Support the development of System Security Plans (SSPs), BIAs, and agency risk registers.Provide guidance on COOP and Incident Response Plan development.3. Incident Response & Threat SupportAct as an incident response resource to Client, helping coordinate cybersecurity investigations, analysis, and documentation.Collaborate with Client’s SOC, during active events.Deliver after-action reporting, root cause analysis, and improvement recommendations.4. Security Architecture & Technology SupportAssist Client in evaluating IT solutions, cloud services, and enterprise initiatives for security compliance.Review designs, contracts, and procurements to ensure required security controls are incorporated.Provide recommendations aligned with Zero Trust, identity management best practices, encryption, logging, and network security principles.5. Training, Awareness, & Stakeholder CoordinationSupport cybersecurity awareness programs across Client and partner agencies.Act as one of the primary Unisys security liaisons interfacing with Client leadership.Communicate risks, emerging threats, and mitigation options to technical and non-technical audiences.Provide security guidance to project teams, application developers, and business units.6. Strategic Security LeadershipContribute to Client’s enterprise cybersecurity strategy and statewide security initiatives.Recommend modern tools, frameworks, and processes to enhance the Clients security posture.Participate in governance boards, working groups, and cross-agency cybersecurity committees.Support Unisys in delivering high-quality, contract-aligned services that enhance Client’s mission.You will be successful in this role if you have:Required QualificationsBachelor’s degree in Information Security, Computer Science, IT, or related field; equivalent experience considered.8+ years of cybersecurity or information assurance experience.Strong understanding ofNIST frameworks (800-53, 800-37, CSF)Zero Trust principles and modern security architecturesExperience in risk assessments, audits, and implementing security controls.Incident response or SOC coordination experience.Excellent communication, documentation, and stakeholder-engagement skills.Preferred CertificationsCISSPCISMCISACRISCGIAC certifications (GSEC, GCIH, GSTRT, etc.)Cloud security certifications (AWS / Azure)Project Management Professional (PMP)Key CompetenciesAbility to work collaboratively across multiple agencies and stakeholder groupsStrong analytical and risk-based decision-making skillsAbility to communicate complex security issues clearlyHigh initiative, ownership, and professionalismCommitment to delivering high-quality support to a mission-critical state ClientThis role may require access to export-controlled commodities and technology. Therefore, to conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.