Program Security Officer
Kratos Defense and Security Solutions · Huntsville, AL · 2 wk ago
On-siteManagementFull-time
Primary Responsibilities
- Perform key cryptographic equipment per key effective dates; enforce Two-Person Integrity procedures as required.
- Manage COMSEC throughout the lifecycle: procure, distribute, relocate, return, and destroy material and ancillary equipment.
- Administer inventories and records: maintain hand receipts, account files, reconcile transfers, and perform semiannual audits.
- Enforce access controls and ensure recipients are enrolled in the Cryptographic Access Program (CAP) and other customer specific access requirements.
- Develop and deliver training for users, CROs, SVROs, and alternates; maintain realistic Emergency Action Plans across the division.
- Process material, equipment, and paperwork promptly; receive/send DCS packages as required and reconcile transfer reports of material sent through official channels.
- Report and respond to incidents immediately and ensure staff follow COMSEC incident procedures.
- Serve as SME and liaison: translate policy into technical/operational requirements and assist with SKMP/KGMPP, revalidations, and surveys.
- Provide technical support: COMSEC administration and RMF stakeholder day-to-day assistance.
Experience And Skills
- 5 years of security experience related to COMSEC and compliance such as maintaining records and files, reporting security incidents, providing status reports regarding COMSEC materials, etc.
- 5+ years of experience supporting DoD, SAP or IC accounts
- Active Top Secret SCI clearance with COMSEC access eligibility
- Prior COMSEC/INFOSEC experience managing keying, inventory, and Two-Person Integrity procedures
- Familiarity with CAP, KMI, DCS, SKMP, and KGMPP processes
- Proven records and inventory management skills, including hand receipts and semiannual audits
- Experience delivering training and briefings on COMSEC and emergency procedures
- Strong attention to detail and strict adherence to chain of custody and documentation protocols
- Incident response capability and knowledge of COMSEC incident reporting procedures
- Technical aptitude for troubleshooting cryptographic equipment and supporting installs
- Effective communicator able to translate policy into operational procedures and support stakeholders
- Experience with courier procedures and material reconciliation (DCS or equivalent)
- COMSEC custodian certification or equivalent and experience supporting IC or DoD COMSEC programs
- Experience with DIAS and other COMSEC systems
- Experience creating realistic and actionable Emergency Action Plans (EAPs)
- Supervisory experience
- CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification
Preferred Skills And Experience
- 5+ years of security experience related to COMSEC and compliance such as maintaining records and files, reporting security incidents, providing status reports regarding COMSEC materials, etc.
- Active Top Secret/SCI Clearance with an active CI or Full-Scope Polygraph
- Knowledge of DoD/IC COMSEC program requirements
- Superb communications skills, both written and verbal
- Managerial experience leading teams
- Ability to effectively interact with industry and government partners
- Proficient with COMSEC requirements and procedures including acquisition, maintenance, operation, and disposition of related equipment
- Experience working SKMP submissions
- Ability to work in a fast paced, dynamic environment
- Flexibility to travel within CONUS
- 2 years as an ISSO or equivalent duties
- Familiarity with eMASS, XACTA, or similar government systems of record
- Familiarity with Zero Trust Architecture (ZTA) requirements
- Experience with Windows and RHEL environments
- Experience with AWS
- Experience with security tools such in the following areas: Malicious code prevention and analysis (i.e., Trellix), Audit log analysis (Splunk, Greylog, etc.), Patch Management and Vulnerability Analysis (Tenable Security Suite & ACAS), and security tools which support the implementation of DISA STIGs (SCC, Evaluate STIG, STIG Viewer, etc.)