Information Security Officer

Overview

On Site

$120,000 - $130,000

Full Time

100% Travel

Skills

FISMA

NIST

ISO

Job Details

Company Overview

At 4A Consulting, we turn complexity into opportunity. Founded in 2014 and headquartered in Baltimore, MD, we are a women-owned, boutique consulting firm specializing in delivering innovative, data-driven solutions to both the Federal Government and Fortune 500 clients. Our team blends deep industry knowledge with advanced technologies to design tailored strategies that drive measurable and sustainable outcomes. We pride ourselves on an agile, collaborative approach that helps organizations navigate challenges and seize emerging opportunities in a rapidly evolving digital landscape. At 4A, we don t just deliver projects we build trusted partnerships that empower our clients to lead with confidence in the digital age.

What You ll Do

The Information Security Officer (ISO) plays a critical role in ensuring the security, compliance, and resilience of enterprise systems. You will oversee cybersecurity operations, lead risk management initiatives, and guide the development of secure architectures across business and IT functions. This role combines strategic leadership with hands-on security management to ensure that all systems, networks, and services adhere to industry best practices, regulatory standards, and organizational goals.

Key Responsibilities

Lead the daily operations and implementation of ISO-related projects, ensuring effective security governance and compliance.
Develop and maintain security metrics to track adoption rates, monitor controls, and identify areas for improvement.
Review, update, and enforce security policies and procedures to align with regulatory frameworks such as ISO 27001 and NIST Cybersecurity Framework.
Conduct vulnerability assessments, analyze results, and coordinate remediation efforts with relevant stakeholders.
Participate in Authorization to Operate (ATO) assessments to validate compliance and readiness for production environments.
Collaborate with cross-functional teams to enhance security protocols, system designs, and operational processes.
Design and implement secure architectures for cloud, on-premises, and hybrid environments.
Lead and manage security-related projects, ensuring successful and timely delivery.
Develop and deliver security awareness training programs to improve organizational security posture.
Maintain and execute an incident response plan, ensuring preparedness and rapid response to security incidents.
Prepare and present detailed security reports, dashboards, and compliance documentation for leadership and stakeholders.
Monitor security systems to detect and respond to potential threats.
Develop strategic roadmaps for service delivery, ensuring efficient resource allocation and continuous improvement.
Serve as the primary point of contact for agency-related inquiries and cybersecurity engagements.

Education:

Bachelor s degree in computer science, information technology, Information Security, Cybersecurity or related field.
Advanced degrees or certifications such as CISSP, CISM, or CISA, Sec+, CISSO.

Minimum Qualifications

Bachelor s degree in Computer Science, Information Technology, Information Security, Cybersecurity, or a related field.
5+ years of experience in information security management, IT administration, or related fields.
3+ years implementing cyber assessment and remediation plans, procedures, and defense operations.
Hands-on experience with risk management, incident response, vulnerability management, and security compliance.
Strong understanding of ISO 27001, NIST, and other industry security frameworks.
Proficiency with security tools, technologies, and methodologies for enterprise-level systems.
Excellent analytical, problem-solving, and communication skills.
Proven ability to manage multiple priorities and projects in a fast-paced environment.
Graduate degree or certifications such as CISSP, CISM, or CISA

Preferred Qualifications

Experience developing strategic cybersecurity plans, roadmaps, and business cases for enterprise initiatives.
Demonstrated ability to lead cross-functional teams in the delivery of cybersecurity programs.
Knowledge of federal, state, and local regulations related to information security and privacy.
Familiarity with centrally managed cyber services and adoption tracking.
Experience in cloud security and modern IT environments.

Why Join 4A

Opportunities for professional growth, innovation, and leadership in cybersecurity.
Collaborative, agile work environment focused on technical excellence.
Exposure to high-impact security and digital transformation projects.
Meaningful work supporting public sector and enterprise clients across Maryland and beyond.

Equal Opportunity Statement

4A is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Job Details

Company Overview

What You ll Do

Key Responsibilities

Lead the daily operations and implementation of ISO-related projects, ensuring effective security governance and compliance.

Develop and maintain security metrics to track adoption rates, monitor controls, and identify areas for improvement.

Review, update, and enforce security policies and procedures to align with regulatory frameworks such as ISO 27001 and NIST Cybersecurity Framework.

Conduct vulnerability assessments, analyze results, and coordinate remediation efforts with relevant stakeholders.

Participate in Authorization to Operate (ATO) assessments to validate compliance and readiness for production environments.

Collaborate with cross-functional teams to enhance security protocols, system designs, and operational processes.

Design and implement secure architectures for cloud, on-premises, and hybrid environments.

Lead and manage security-related projects, ensuring successful and timely delivery.

Develop and deliver security awareness training programs to improve organizational security posture.

Maintain and execute an incident response plan, ensuring preparedness and rapid response to security incidents.

Prepare and present detailed security reports, dashboards, and compliance documentation for leadership and stakeholders.

Monitor security systems to detect and respond to potential threats.

Develop strategic roadmaps for service delivery, ensuring efficient resource allocation and continuous improvement.

Serve as the primary point of contact for agency-related inquiries and cybersecurity engagements.

Education:

Bachelor s degree in computer science, information technology, Information Security, Cybersecurity or related field.

Advanced degrees or certifications such as CISSP, CISM, or CISA, Sec+, CISSO.

Minimum Qualifications

Bachelor s degree in Computer Science, Information Technology, Information Security, Cybersecurity, or a related field.

5+ years of experience in information security management, IT administration, or related fields.

3+ years implementing cyber assessment and remediation plans, procedures, and defense operations.

Hands-on experience with risk management, incident response, vulnerability management, and security compliance.

Strong understanding of ISO 27001, NIST, and other industry security frameworks.

Proficiency with security tools, technologies, and methodologies for enterprise-level systems.

Excellent analytical, problem-solving, and communication skills.

Proven ability to manage multiple priorities and projects in a fast-paced environment.

Graduate degree or certifications such as CISSP, CISM, or CISA

Preferred Qualifications

Experience developing strategic cybersecurity plans, roadmaps, and business cases for enterprise initiatives.

Demonstrated ability to lead cross-functional teams in the delivery of cybersecurity programs.

Knowledge of federal, state, and local regulations related to information security and privacy.

Familiarity with centrally managed cyber services and adoption tracking.

Experience in cloud security and modern IT environments.

Why Join 4A

Opportunities for professional growth, innovation, and leadership in cybersecurity.

Collaborative, agile work environment focused on technical excellence.

Exposure to high-impact security and digital transformation projects.

Meaningful work supporting public sector and enterprise clients across Maryland and beyond.

Equal Opportunity Statement

4A is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

About 4A-Consulting

Share