Facility Security Officer

About The Position

Requirements

• U.S. Citizenship required; must possess or be eligible to obtain a U.S. Government security clearance (Secret or higher)
• Bachelor’s degree in Security Management, Criminal Justice, Cybersecurity, or related field (or equivalent experience)
• 5+ years of experience in industrial security and information protection within a cleared defense contracting environment
• In-depth knowledge of NISPOM (32 CFR Part 117), DISS, NISS, and government security policies
• Strong familiarity with CUI guidelines (32 CFR Part 2002), DFARS 252.204-7012, NIST SP 800-171, and CMMC compliance
• Proven ability to lead audits, investigations, and security awareness programs
• Excellent written and verbal communication skills

Nice To Haves

• Completion of CDSE FSO Program Management Course
• Insider Threat Program Management certification
• Professional certification such as ISP (Industrial Security Professional) or CPP (Certified Protection Professional)
• Working knowledge of ITAR/EAR export controls and secure communications infrastructure (e.g., TEMPEST, SCIF, Closed Areas)
• Experience supporting RMF, CMMC assessments, and managing classified IS under JSIG guidelines

Responsibilities

• Administer and maintain the facility’s compliance with the NISP defined by 32 CFR Part 117
• Manage the Facility Clearance (FCL), including sponsorship, documentation, and ongoing eligibility requirements
• Oversee and process personnel security clearances (PCLs) using DISS, NISS, and eAPP
• Prepare and manage classified information systems and coordinate with IT/cybersecurity teams for RMF compliance
• Conduct self-inspections and support DCSA assessments; implement corrective actions as needed
• Develop, maintain, and enforce Standard Operating Procedures (SOPs), Security Plans, and Emergency Action Plans (EAPs)
• Manage visitor access and classified visit authorizations using DISS
• Investigate and report security violations, incidents, and infractions in accordance with government directives
• Implement policies and controls to protect CUI in accordance with: 32 CFR Part 2002 (CUI Program) DFARS 252.204-7012 NIST SP 800-171 CMMC Level 2+ requirements
• Ensure proper marking, handling, storage, transmission, and destruction of CUI
• Monitor and restrict access to CUI using physical and digital access control methods
• Collaborate with IT to ensure CUI data is protected in systems using appropriate encryption, MFA, and audit logging
• Oversee and deliver CUI-specific training and awareness programs for employees and subcontractors
• Conduct CUI risk assessments and support readiness for DoD cybersecurity or CMMC audits
• Coordinate and report CUI security incidents and suspected compromises within prescribed timelines (e.g., 72-hour window per DFARS)
• Act as the Insider Threat Program Senior Official (ITPSO)
• Develop and maintain the Insider Threat Program (ITP), integrating CUI protection objectives
• Deliver annual training for cleared and uncleared staff on industrial security, insider threat, and CUI responsibilities
• Serve as primary point of contact for DCSA, DoD customers, and prime contractors regarding security matters
• Coordinate with HR, IT, Legal, and Program Management on cross-functional issues affecting classified and CUI information
• Support subcontractor security reviews and flow-down of CUI protection requirements in accordance with prime contract obligations

Benefits

• Competitive salary and performance-based bonuses
• Comprehensive health, dental, and vision insurance
• Retirement savings plan with company match
• Opportunities for professional development and career advancement
• Collaborative and innovative work environment