Information Security Specialist

About The Position

Requirements

• Experience: 3-7 years of broad, hands-on experience in Information Security, with a significant focus on SCI security and networks within the U.S. Defense Industrial Base or Intelligence Community.
• Process Expertise: Proven experience in process improvement, standardization, or quality assurance roles within a highly regulated compliance environment.
• Regulatory Expertise: Deep, practical knowledge of NISPOM/32 CFR Part 117 and applicable Intelligence Community Directives (ICDs).
• Clearance: Must possess and maintain an Active Top Secret (TS) / Sensitive Compartmented Information (SCI) eligibility security clearance. U.S. Citizenship is required.
• Skills: Exceptional analytical and problem-solving skills, with a proven ability to translate complex regulatory requirements into simplified, efficient, and user-friendly processes.

Nice To Haves

• Certification: SPeD Certification, or experience with process improvement methodologies (e.g., Lean, Six Sigma).
• System Proficiency: Highly proficient with security management systems (DISS, NISS) and familiarity with enterprise software tools used for document control or workflow management.
• Education: Bachelor’s degree in a relevant field (e.g., Security Management, Business Process, Quality Assurance).

Responsibilities

• Security Process Analysis and Design
• Efficiency Improvement: Identify operational inefficiencies, compliance gaps, and bottlenecks in existing security workflows.
• Standardization: Design, implement, and standardize new, optimized security processes and procedures to enhance efficiency, reduce cycle time, and ensure consistent compliance across all USSF sites.
• Methodology: Utilize process improvement methodologies (e.g., Lean, Six Sigma principles) to enhance the security team's overall effectiveness while maintaining strict regulatory adherence.
• Incidence Response and Operations
• Incident Response: Lead and participate in all security incident response activities, including the identification, containment, eradication, and recovery from security incidents impacting SCI systems.
• SOP Guidance: Maintain detailed Standard Operating Procedures (SOPs) for security incident instigation, mitigation, and reporting activities.
• Coordination: Coordinate incident response and forensic activities with the ISSM, SSO, command leadership, law enforcement, and other government agencies as required.
• Monitoring and Reporting: Stay up-to-date on the latest security threats, vulnerabilities, and technologies to inform defensive strategies.
• Technology Integration and Metrics
• Technology Evaluation: Evaluate and recommend technology solutions (e.g., workflow software, compliance tracking tools, security management systems) to automate manual security processes and enhance auditability.
• System Optimization: Serve as a functional lead for the integration and optimization of security management systems (DISS/NBIS, NISS) and physical security systems (ACS/IDS) to improve data integrity and compliance reporting.
• KPI Development: Develop and track Key Performance Indicators (KPIs) and metrics for security process efficiency, compliance status, and security team performance to measure the impact of improvement initiatives.