Facility Security Officer (FSO) / Information Systems Security Manager (ISSM)

Responsibilities:

• Serve as the primary point of contact for DCSA reviews and correspondence; establish a working relationship with DCSA and other government security personnel
• Work with the Security Manager to review, update and establish various policies and procedures related to the NISP
• Author and maintain documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF)
• Perform security control assessments as part of the Continuous Monitoring Plan
• Oversee configuration management of assigned systems and validates audits are performed to ensure the security posture integrity
• Conduct hardware and software inventory assessments
• Identify system security control shortcomings and serve as PoC for remediating technical and physical deficiencies
• Investigate security incidents such as data spills, data integrity, malicious events and insider threat
• This position will require some overnight travel
• Personnel clearance processing
• Facility clearance maintenance activities
• Review and maintain DD-254s
• Ability to fulfil the requirements set forth in the 32 CFR Part 117

Qualifications:

Bachelor's degree and 3 years of prior relevant experience or supplemental related work experience

Required Skills:

• Must have a U.S. Department of Defense (DoD) Secret security clearance with the ability to obtain Top Secret clearance
• Must have the following certificates, or must be completed within 6 months of hire:
• FSO Program Management for Possessing Facilities Curriculum (IS030.CU)
• ISSM Required Online Training DAAPM - 2.6 Program Risk Management Framework (CS100.CU)
• CompTIA Continuous Monitoring (CS200.16)
• Introduction to the Risk Management Framework (CS124.16)
• Introduction to Industrial Security (IS011.16)
• Introduction to Information Security (IF011.16)
• Introduction to Personnel Security (PS113.16)
• Introduction to Physical Security (PY011.16)

Preferred Skills:

• The technical knowledge that will assist in rulings, approvals, interpretations, and acceptable deviations from regulations for IS compliance with various government agencies & regulations (RMF, STIGs, associated NIST publications) for a variety of Operating Systems and components
• Ensuring compliance with Risk Management Framework (RMF) policies, concepts, and measures for currently accredited and new Information Systems
• Evaluate potential security risks through Continuous Monitoring
• Ensuring configuration management (CM) system software, hardware and firmware is maintained and documented
• Perform antivirus updates, system patch installations and conduct security self-reviews
• Working knowledge of eMASS application/DISS/NBIS
• Possess good written, verbal, listening and presentation skills