Unissant, Inc. delivers innovative capabilities to the agencies that keep our nation healthy and safe. We apply our domain expertise, data acumen, and technology know-how to achieve breakthrough results for our clients. Working collaboratively, we advance missions and careers through a focus on honesty, integrity, and dependability. We continuously look for talent excited to join that effort. To learn more about our exciting organization, please visit us at www.unissant.com.
We are seeking a Security Manager to join our team and support our clients in the Washington DC-Baltimore area. The ideal candidate will be responsible for providing design recommendations based on long-term IT organization strategy and will be viewed both internally and externally as a technical expert and critical technical resource across multiple disciplines.
*This position is contingent upon contract award.
Essential Duties and Responsibilities:
Lead all ATO lifecycle activities, including assessments, renewals, and documentation
Manage vulnerability remediation aligned with CMS SLAs
Implement continuous monitoring and threat detection processes
Coordinate audits, assessments, and compliance reviews
Ensure compliance with HIPAA, FISMA, ARS, and CMS policies
Collaborate with CMS security teams and external stakeholders
Integrate security into DevOps pipelines (DevSecOps)
Develop and implement cyber security strategies (including Security Roadmap and Management Plan), policies, and guidelines for the customer based on industry best practices
Define and maintain Enterprise Governance Policies and ensure compliance with policies
Develop and maintain a Security Roadmap and Security Management Plan for the customer
Design and maintain Enterprise Security Reference Architecture
Design and implement common security services for the organization
Ensure SDLC adherence to security architecture and policies
Participate in enterprise security analysis and task prioritization
Define and implement Identity and Access Management policies and procedures, including Authentication & Authorization, Identity Storage and Data Integration, and User Management
Work Experience and Job Skills:
Minimum 10 years of experience in information security, with at least 5 years supporting federal security compliance programs
Minimum 3 years serving in an ISSO, ISSM, or equivalent role supporting systems requiring ATO
Demonstrated experience obtaining and maintaining Authority to Operate (ATO) under federal frameworks (FISMA/NIST RMF)
Proven experience developing and maintaining security documentation including SSP, POA&M, SAR, RAR, and Contingency Plans
Demonstrated experience with NIST 800-53 controls and CMS Acceptable Risk Safeguards (ARS) or equivalent frameworks
Experience managing vulnerability remediation in accordance with federal SLAs (e.g., 15/30/90-day remediation timelines)
Hands-on experience with continuous monitoring tools and practices (e.g., AWS GuardDuty, Security Hub, SIEM tools)
Experience supporting security audits, assessments, and penetration testing activities
Knowledge of HIPAA privacy and security requirements for handling PII/PHI data
Enthusiastic, proactive, positive attitude and high integrity
Excellent organizational skills, strong attention to detail and ability to effectively manage architectures supporting multiple users
Ability to think and act strategically and proactively approach projects and issues
Able to work under pressure and to be flexible with changing priorities
Able to find innovative ways to solve problems
A genuine interest in looking for opportunities to add value and grow your area of responsibility
Education:
Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, or related field is required
Certificates, Licenses and Registrations:
CISSP certification is desired.
Communication Skills:
Excellent written and verbal communication skills
Ability to convey technical information to non-technical individuals
Demonstrated experience communicating effectively across internal and external organizations
Ability to work well in a matrixed team environment
Travel:
This position is primarily remote with occasional on-site meetings in the Washington DC - Baltimore Area
Environmental Requirements:
Mainly sedentary; in an office environment
May be required to lift up to ten (10) pounds
Flexible in working extended hours
The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Unissant management reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, where applicable and available, reasonable accommodation(s) may be made to enable individuals with disabilities to perform essential functions of this position.
Please note: Candidate(s) will be required to go through pre-employment screening.
Unissant, Inc. is a proud Equal Opportunity Employer! (EOE; M/F/Disability/Vets)