Jobs · Information Technology · Virginia

Facility Security Officer/ISSM-Skillbridge Internship

Sparton · Fairfax, VA · 3 mo ago
Information TechnologyFull-time

Job Summary

The Facility Security Officer (FSO) is responsible for implementing and maintaining a security program that complies with the NISPOM and other regulations. The ISSM is responsible for ensuring the appropriate operational security posture is maintained for information system security requirements.

FSO Responsibilities

  • Serve as the manager on all physical and Proxy Agreement security requirements, with working knowledge of Foreign Ownership, Control and Influence (FOCI) policy and security structure.
  • Provide support for all security actions in accordance with corporate and governmental policies and directives.
  • Oversee the day-to-day security operations of each system, associated media and networks.
  • Develop and maintain compliance standard procedures supporting customer and government agency requirements.
  • Develop and maintain effective security awareness training.
  • Safeguard and assure accountability of all classified materials and areas in accordance with NISPOM requirements.
  • Manage visit requests and Cleared personnel visit requests utilizing DISS.
  • Process and manage personnel security clearances using DISS and assist new applicants with the e-QIP process.
  • Plan, examine, analyze, evaluate and provide oversight of security operations; prepare reports and record for management team.
  • Conduct annual clearance justifications and advise leadership when an employee does not meet clearance requirements.
  • Manage the Operational Security (OPSEC) requirements for all government sensitive programs and ensure personnel cleared on those programs receive initial and refresher.

Desired ISSM Responsibilities

  • Reviewing, preparing, and updating ATO packages in accordance with NIST Risk Management Framework and customer policy, procedures and guidelines.
  • Identify and communicate changes that might affect information system (IS) security authorization status.
  • Act as a liaison with government agencies, such as Defense Security Service (DSS) Information System Security Professionals (ISSP), Advanced / Special Program government Security Control Assessors (SCA), and other external / internal customers.
  • Development, implementation, and maintenance of System Security Plans (SSP), Standard Operating Procedures (SOP), information security policies to ensure compliance with Risk Management Framework (RMF) guidelines.
  • Development and maintenance of Plan of Action and Milestones (POA&M) through mitigation and risk acceptance.
  • Oversee the scheduling, installation, implementation and maintenance of security software integration on all information systems under his/her purview.
  • Ensure proper measures are taken when an information system incident or vulnerability is discovered.
  • Maintain, and execute the information security continuous monitoring (ConMon) plan.
  • Ensure configuration management (CM) policies and procedures for authorizing the use of hardware/software on an information system are followed and assess changes to the system, its environment, and operational needs that could affect the security authorization.
  • Perform self-inspections, provide security coordination and review of system test plans.
  • Identify vulnerabilities and work with technical subject matter experts to identify and implement countermeasures.
  • Assists in the coordination, preparation, and tracking of IS inspections, reports, and responses.
  • Deploy and configure scanning tools to conduct security vulnerabilities reviews in support of continuous monitoring processes.
  • Conduct scheduled audits and managing audit data.
  • Prepare reports on the status of security safeguards applied to computer systems.
  • Ensure IS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices.

Minimum Requirements

  • Active military, Skillbridge eligibility.
  • Active Secret clearance with the ability to obtain and maintain a Top Secret (TS).
  • Experience as an FSO (desired).
  • Completion of CDSE FSO Certification (desired; must complete within 6 months of start).
  • Working knowledge of CFR 32 Part 117 (NISPOM), ICDs, and associated industrial security regulations.
  • Experience with government systems (DISS, NCAISS, e-APP, NBIS, SWFT).
  • U.S. Citizen.

Skills for ISSM (Desired)

  • Minimum of 1 to 2 years of experience as an assistant ISSO, Alternate ISSM, or DoD equivalent at an organization of similar size and complexity.
  • Relevant bachelor’s degree a plus.
  • Experience with AIS reaccreditation process and security controls under the NIST Risk Management Framework, in accordance with NIST special publications, including SP-800-171, SP-800-53, and DAAPM.
  • Knowledge of other security disciplines and how they impact and interact with information system security.
  • Ability to obtain and maintain a Top-Secret Clearance.
  • Ability to perform technical certifications for systems being presented to the government for authorization, to include type accreditation.
  • Understanding of network concepts and Type 1 encryption devices, such as TACLANE.
  • Familiarity with CUI requirements for unclassified IT systems and SIPRnet connectivity process is a plus.
  • Desirable certifications include Security+, CISSP or other DoD 8570.1 certifications.
  • Familiarity and understanding of Microsoft Windows 10 security and administrative settings, and ability to meet STIG/JSIG/NISPOM requirements for IS.

Similar jobs