Facility Security Officer/ISSM
Elbit Systems of America · Fairfax, VA · 6 mo ago
On-siteInformation TechnologyFull-time
Job Summary
The Facility Security Officer (FSO) is responsible for implementing and maintaining a security program that complies with the NISPOM (32 CFR Part 117) and other regulations. The ISSM ensures the appropriate operational security posture is maintained for information system security requirements.
FSO Responsibilities And Tasks
- Serve as the manager on all physical and Proxy Agreement security requirements, with working knowledge of FOCI policy and security structure.
- Provide support for all security actions in accordance with corporate and governmental policies and directives.
- Manage compliance standard procedures supporting customer and government agency requirements, including SOPs, SPPs, OPSEC, EAPs, and Risk Analysis Investigations.
- Develop and maintain effective security awareness training, including annual Security Briefings, Counterintelligence, Espionage, Insider Threat, Courier, NATO, debriefings, indoctrinations, pre/post-foreign travel briefings, and all other mandated briefings.
- Safeguard and assure accountability of all classified materials and areas in accordance with NISPOM requirements.
- Conduct periodic self-inspections on local processes and practices to ensure Proxy Agreement and component program security compliance; report security posture to site, group, and corporate leadership.
- Oversee badging of employees, visitors, consultants, and government representatives to ensure compliance with Sparton policy.
- Manage visit requests and Cleared personnel visit requests utilizing DISS. Process and manage personnel security clearances using DISS and assist new applicants with the e-QIP process.
- Plan, examine, analyze, evaluate, and provide oversight of security operations; prepare reports and records for management team.
- Conduct annual clearance justifications and advise leadership when an employee does not meet clearance requirements.
- Manage the Operational Security (OPSEC) requirements for all government sensitive programs and ensure personnel cleared on those programs receive initial and refresher.
Desired ISSM Responsibilities And Tasks
- Review and prepare ATO packages in accordance with NIST Risk Management Framework and customer policy, procedures, and guidelines.
- Communicate changes affecting information system (IS) security authorization status to include identifying security deficiencies/discrepancies and providing recommendations for solutions.
- Liaise with government agencies such as DSS, ISSP, SCA, and external/internal customers.
- Develop, implement, and maintain SSPs, SOPs, information security policies to ensure compliance with RMF guidelines.
- Create and maintain POA&M through mitigation and risk acceptance.
- Schedule, install, implement, and maintain security software integration on all information systems under his/her purview.
- Ensure proper measures are taken when an information system incident or vulnerability is discovered.
- Maintain and execute information security continuous monitoring (ConMon) plan.
- Audit and assess changes to the system, its environment, and operational needs that could affect the security authorization.
- Perform self-inspections, provide security coordination, and review of system test plans.
- Identify vulnerabilities and work with technical subject matter experts to implement countermeasures.
- Coordinate, prepare, and track IS inspections, reports, and responses.
- Deploy and configure scanning tools to conduct security vulnerabilities reviews in support of continuous monitoring processes.
- Conduct scheduled audits and manage audit data.
- Prepare reports on the status of security safeguards applied to computer systems.
- Ensure IS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices.
Education, Experience, Licenses And Certifications
- Bachelor’s degree OR associate degree OR equivalent years of relevant experience in lieu of a degree.
- Active Secret clearance with the ability to obtain and maintain a Top Secret (TS).
- Five years of experience as an FSO (desired).
- Completion of CDSE FSO Certification (desired; must complete within 6 months of start).
- Working knowledge of CFR 32 Part 117 (NISPOM), ICDs, and associated industrial security regulations.
- Experience with government systems (DISS, NCAISS, e-APP, NBIS, SWFT).
- U.S. Citizen.
Skills And Abilities
- Minimum of 1 to 2 years of experience as an assistant ISSO, Alternate ISSM, or DoD equivalent at an organization of similar size and complexity.
- Relevant bachelor’s degree a plus.
- Knowledge of other security disciplines and how they impact and interact with information system security.
- Ability to obtain and maintain a Top-Secret Clearance.
- Ability to perform technical certifications for systems being presented to the government for authorization, to include type accreditation.
- Understanding of network concepts and Type 1 encryption devices, such as TACLANE.
- Familiarity with CUI requirements for unclassified IT systems and SIPRnet connectivity process is a plus.
- Desirable certifications include Security+, CISSP or other DoD 8570.1 certifications.
- Familiarity and understanding of Microsoft Windows 10 security and administrative settings, and ability to meet STIG/JSIG/NISPOM requirements for IS.
Benefits
- Healthcare: Robust medical, dental, vision, & disability coverage; virtual health solutions; company-paid basic life insurance; additional life & AD&D insurances; on-site wellness clinic; paid benefits; competitive compensation; 401k program with company match 75% up to 8% plus 1% Employer contribution; company-paid time off (vacation and sick); paid parental leave; adoption assistance; fertility and family building assistance; lifestyle spending account; perks at work; generous employee referral program; tuition reimbursement; voluntary benefits available: longer term care, legal, identity theft, pet Insurance, and many more options.