Information Security Officer bei Ventus Solutions

Ventus Executive Solutions is a dynamic small business at the forefront of technology-driven innovation, dedicated to delivering exceptional solutions for our clients. We cultivate a supportive and inclusive workplace culture that values collaboration, mentorship, and professional growth. At Ventus Solutions, we believe our employees’ success is integral to our mission, which is why we prioritize work-life balance, personal development, and fostering a sense of belonging. In addition to providing opportunities to thrive, we offer competitive salaries and comprehensive benefits to attract and retain top talent ready to make a meaningful impact. Be part of our Employee Stock Ownership Plan (ESOP).

Ventus Solutions is seeking a skilled Information Security Officer (ISO) to support the company’s Information Security Management System (ISMS). The ideal candidate will ensure the confidentiality, integrity, and availability of the company’s data and networks. Reporting directly to the Director of Operations, the ISO will serve as the central authority for cybersecurity strategy, compliance, and governance across the organization. This role requires a proactive leader who can maintain compliance with government cybersecurity standards (including NIST 800-171 and CMMC Levels I & II), coordinate with IT providers, and translate complex security issues into actionable plans for leadership. The ISO will also guide the companies’ Information Security Team, foster a strong security culture, and drive continuous improvement in security operations and risk management. Join our innovative team and contribute to impactful national security initiatives.

Work Location: Hybrid/Fairfax, VA

Part-time

Required Experience:

• Minimum of 5 years of cybersecurity experience and 2 years in a supervisory role within industry, government, or military settings.
• Proven experience with cybersecurity asset management and security infrastructure design and implementation.
• Strong working knowledge of NIST Special Publications and/or ISO 27001 frameworks.
• Demonstrated experience with CMMC Level II requirements and certification processes.
• Prior performance in one or more of the following roles: ISM, ISSM, ISSO, ISO/ACISO, or CISO for federal agencies or contractors.
• Possession of at least one of the following certifications: CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager).
• Excellent verbal and written communication skills with the ability to brief senior leadership and interface across technical and non-technical teams.
• Bachelor’s degree in Information Security, Business Administration, Computer Science, STEM, or a related IT field.

Desired Experience:

• Minimum of 8+ years of cybersecurity experience with 4+ years in a supervisory or leadership capacity.
• Additional certifications such as CISA (Certified Information Systems Auditor), CISO (Certified Information Security Officer), or equivalent.
• Current DoD 8570 baseline certification for IAT II (GSEC, Security+, SCNP, or SSCP).
• Expert-level knowledge of NIST SP 800-171, NIST SP 800-37, and NIST SP 800-53 standards.
• Demonstrated success in achieving and maintaining NIST 800-171 compliance within an organization.
• Strong project management experience, including POA&M development and execution.
• Master’s degree in Information Security, Business Administration, Computer Science, STEM, or a related field.