About the position
As the Facility Security Officer (FSO), you'll coordinate and perform routine to intermediate security tasks to ensure compliance with contractual, program and security requirements. This will include participating in the administration and coordination of one or more security programs/activities, conducting security briefings, maintaining security education programs and planning for new security programs, including proposal preparation. Additionally, we will rely on you to provide leadership to a team as well as partner with various government agencies to ensure corporation is compliant with directives and regulations and obtains rulings, interpretations and deviations, as appropriate. As the Information Systems Security Manager (ISSM) you will support information system life cycle activities from categorizing systems for new programs and preparing Risk Management Framework packages, to reviewing regular maintenance, support, and upgrades of systems during program execution. The ISSM will maintain the day-to-day security posture and continuous monitoring of Information Systems (IS) for Department of Defense (DoD) programs, and includes security event log review and analysis, end user account audits, etc.
Responsibilities
- Perform or lead security requirements analysis, security control selection, and validation with little or no supervision.
- Execute or lead the execution of the development of required security documentation including items such as system security plans, contingency plans, and standard operating procedures in compliance with the IA policy.
- Conduct internal vulnerability assessments to identify and mitigate potential security weaknesses and ensure all security features applied to a system are implemented and functional.
Requirements
- A Bachelors degree in Administration of Justice, Criminal Justice, Law Enforcement or related field or the equivalent plus a minimum of 5 years relevant experience; or Master's degree plus a minimum of 3 years relevant experience.
- Solid knowledge of all security policies and procedures and ability to interpret security requirements and apply them consistently across diverse situations.
- Fully proficient knowledge of all general functions and substantial understanding of policies and procedures to include the National Industrial Security Program Operating Manual (NISPOM), National Industrial Security Program Operating Manual Supplement (NISPOMSUP), National Security Agency (NSA) Industrial COMSEC Manual, 90-1, specific Program Security Directives (PSD).
- Experience developing System Security Plans (SSPs) and all supporting Assessment and Authorization documentation.
- Experience with eMASS risk management and compliance automation tools.
- Experience with various system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS/Nessus, etc.
- Trained and proficient in Assured File Transfer (AFT) procedures.
- Self-starter with the ability to operate independently without supervision.
- Strong knowledge of cybersecurity technology and trends.
Nice-to-haves
- Intuitive nature to anticipate potential problem areas and resolve issues.
- Excellent customer service skills and ability to prioritize, schedule and complete multiple tasks.
- Outstanding communications skills.
- Ability to work collaboratively in a cross-functional team throughout the system life cycle.
- DoD 8570 Certification meeting IAM Level I (e.g., Security + [CE]) [Preferred].
Benefits
- Flexible work environment where contributions are recognized and rewarded.
- Highly competitive benefits.
