Facility Security Officer

About The Position

Requirements

• Bachelor's Degree or equivalent experience
• At least 10 years of experience and education must be consistent with the ability to effectively manage all security aspects of a dynamic fast-growing business
• Minimum of 5 years government contracting experience
• Working knowledge of NIST SP 800-171 requirements and CUI handling obligations
• Strong written skills and oral skills required to interact directly with customer security personnel, management and technical managers
• Demonstrated ability to multi-task and be proactive in response to business needs
• In-depth knowledge of the DoD, DoE or other government security regulatory manual
• Must have an active Top Secret security clearance to be considered for the position
• US Citizenship is required

Nice To Haves

• Information Systems Security knowledge, compliance with NISPOM and Chapter 8
• Experience coordinating security compliance efforts with external IT or managed service providers
• Completion of DSS Security Education requirements for qualification as FSO
• Familiarity with Microsoft GCC High or other government cloud environments
• Advanced Microsoft Office experience
• Attention to detail, self-starter, excellent follow through skills
• Excellent interpersonal skills

Responsibilities

• Responsible for the oversight and security management of the AHA facilities.
• Serves as internal lead for NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) program governance, coordinating with executive leadership and external IT service providers.
• Maintains security policies and procedures related to industrial security and CUI handling.
• Ensures proper identification, marking, handling, storage, and transmission of CUI.
• Maintains System Security Plan (SSP), POA&M, and compliance documentation repository.
• Serves as primary internal point of contact for cybersecurity compliance matters with executive leadership and government representatives.
• Responsible for all security disciplines, OPSEC, personnel security, training, classification management, information systems security, document accountability, and physical security.
• Coordinates with external IT service providers to ensure cybersecurity controls are implemented and maintained in accordance with contractual requirements.
• Formulates and conducts security awareness training and education and required initial and refresher briefings to continue the excellent security posture of the Facility.
• Knowledgeable of the NISPOM, NISPOM Supplements, DCID 6/3 & 6/9, CMCC and RMF.
• Supports all functions of the security department in reference to personnel clearances, daily end-of-day checks, destruction, incoming and outgoing classified mail, IS operations and general routine security items.
• Coordinates and monitors highly sensitive aspects of the DoD, DoE or other industrial security program and other security activities, ensuring compliance with government and company security policies and procedures that are non-IT related.
• Oversees SPRS score reporting and DFARS 252.204-7012 compliance.
• Addresses typical security related issues which may include physical access to buildings, rooms, couriers, clearances, packages, documentation and debriefings.
• Conducts highly sensitive security briefings.
• Coordinates all security education programs.
• Prepares organization for CMMC self-assessment or C3PAO assessment activities.
• Integrates personnel security, training, insider threat, and access control requirements with cybersecurity program governance.
• Acts as primary liaison with upper management and outside agencies.
• Handles all onboarding/offboarding efforts with regards to security and systems needs.
• Manages company safety plan and acts as company Safety Officer (SO).
• Able to assume all responsibilities of the FSO upon hire.
• May provide work leadership for lower-level employees.
• Is a fast learner and must be able to assume additional responsibilities and duties as directed by the Chief Operating Officer.
• Other duties as assigned.