Director Information Security

The Unisys Director of Information Security provides dedicated cybersecurity leadership in support of critical Virginia based Client. This role is responsible for helping the Client to implement, manage, and govern information security programs that protect the Client's systems, services, and data.

The Unisys Director of Information Security works closely with the Client CISO team, leadership, and stakeholders across the Client to ensure compliance with IT security standards, perform risk assessments, support incident response, and deliver strategic security guidance. Ideal candidate has strong project management (PM) skills, technical grasp of Cybersecurity, and a deep understanding of System Security Plans, Business Impact Analysis, and Cybersecurity Risk Registers.

Key Responsibilities

1. Security Governance & Compliance

• Develop, refine, and maintain agency-aligned security policies, controls, and documentation.
• Assist Client and assigned agencies with audits, compliance reviews, and remediation planning.
• Ensure adoption of NIST-aligned risk management and security control frameworks.

2. Risk Management

• Conduct or assist with enterprise risk assessments, data classification, and security control evaluations for Client and supported agencies.
• Identify security gaps and recommend risk-based remediation strategies.
• Support the development of System Security Plans (SSPs), BIAs, and agency risk registers.
• Provide guidance on COOP and Incident Response Plan development.

3. Incident Response & Threat Support

• Act as an incident response resource to Client, helping coordinate cybersecurity investigations, analysis, and documentation.
• Collaborate with Client's SOC, during active events.
• Deliver after-action reporting, root cause analysis, and improvement recommendations.

4. Security Architecture & Technology Support

• Assist Client in evaluating IT solutions, cloud services, and enterprise initiatives for security compliance.
• Review designs, contracts, and procurements to ensure required security controls are incorporated.
• Provide recommendations aligned with Zero Trust, identity management best practices, encryption, logging, and network security principles.

5. Training, Awareness, & Stakeholder Coordination

• Support cybersecurity awareness programs across Client and partner agencies.
• Act as one of the primary Unisys security liaisons interfacing with Client leadership.
• Communicate risks, emerging threats, and mitigation options to technical and non-technical audiences.
• Provide security guidance to project teams, application developers, and business units.

6. Strategic Security Leadership

• Contribute to Client's enterprise cybersecurity strategy and statewide security initiatives.
• Recommend modern tools, frameworks, and processes to enhance the Clients security posture.
• Participate in governance boards, working groups, and cross-agency cybersecurity committees.
• Support Unisys in delivering high-quality, contract-aligned services that enhance Client's mission.

You will be successful in this role if you have:

Required Qualifications

• Bachelor's degree in Information Security, Computer Science, IT, or related field; equivalent experience considered.
• 8+ years of cybersecurity or information assurance experience.

Strong understanding of

• NIST frameworks , 800-37, CSF)
• Zero Trust principles and modern security architectures
• Experience in risk assessments, audits, and implementing security controls.
• Incident response or SOC coordination experience.
• Excellent communication, documentation, and stakeholder-engagement skills.

Preferred Certifications

• CISSP
• CISM
• CISA
• CRISC
• GIAC certifications (GSEC, GCIH, GSTRT, etc.)
• Cloud security certifications (AWS / Azure)
• Project Management Professional (PMP)

Key Competencies

• Ability to work collaboratively across multiple agencies and stakeholder groups
• Strong analytical and risk-based decision-making skills
• Ability to communicate complex security issues clearly
• High initiative, ownership, and professionalism
• Commitment to delivering high-quality support to a mission-critical state Client