Assistant Facilities Security Officer/ Site Assessor - Pueo Business Solutions
Tysons, VA
About the Job
Pueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a business with an organization that thrives on career development and independence. In support of mission and professional growth, our Parliament has supported the development of multiple patents, proprietary tools, and applications as well as trademarked processes.
Our organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employee's desires and capabilities, and we ensure challenges, growth, and unique experiences are available for employees at all levels.
Our Career Environments (Program, Functional, Service, and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship, understanding, and peer support.
Role: Pueo has an opportunity for an experienced TS/SCI cleared Information Systems Security Officer/Site Assessor to join our team in Tyson's Corner, VA. The Information Systems Security Officer/Site Assessorwill perform duties as an Information Systems Security Officer (ISSO) for Information Technology systems residing within a SCIF environment and also serve as a Special Security Representatives (SSR) to support Sensitive Compartmented Information Facility (SCIF) operations/management. Information Systems Security Officer/Site Assessor will support the Defense Intelligence Agency with varying security standards and procedures, utilizing the NISPOM, ICDs, DoDM 5205.07 and other applicable directives, policies and procedures set forth by the DoD and Intelligence Community.
Responsibilities:
- SCIF Security Protocols Implementation: Develop, implement, and enforce security protocols to protect Pueo's sensitive information and assets. Coordinating, developing, and implementing local SCIF Standard Operating Procedures (SOP) and Emergency Plans (EP), policies, and guidance, including the preparation of SCIF documentation required for accreditation. Conducting SCIF inspections, corrective action planning, and on-site support. This includes but is not limited to physical security measures, access control mechanisms, and data encryption techniques.Responsible for assisting the FSO with pre-screening of candidates to mitigate risk to the government. Assist the FSO with processing SCI and SAP nominations for personnel supporting various efforts.Document and maintain personnel security files and rosters. Act as an advocate for the security program, using sound communication expertise as well as working with senior level managers to accomplish mission. Bring security risks and concerns to the attention of the FSO and management,
- SCIF Management/Physical Security safeguard: Responsible for executing visitor control functions to include security clearance verification. Conduct SCIF/SAPF self-inspections in preparation for security audits. Prepare written SOPs and update annually for IC and SAP customers. Maintains SCIF / SAPF visitor control functions. Receiving/validating incoming clearances and accesses; passing clearances and SCI accesses; preparing Visit Authorization Request (VAR) and Permanent Certifications. Verifying/vetting news media personnel/equipment for SCIF interviews. Reviewing/processing foreign travel/contact requests and verifying/vetting foreign nationals. Coordinating/executing Co-Utilization Authorizations. Maintaining access codes, spin-dial combinations, intrusion detection system codes and keys for SCI Facilities/doors. Conducting onsite monitoring of security systems and responding as necessary to system failures/power outages to provide security support of the space,
- Information Technology Security: Responsible for maintaining the accreditation and reaccreditation of classified IS Systems and unclassified IS systems within the SCIF, in accordance with U.S.G, DoD and Intelligence Community polices and regulations. Follow NIST 800 Series Risk Management Framework, ICD 503, FISMA, etc. to ensure IT systems are operating securely, data integrity is maintained, and Approval to Operate/Approval to Connect status is continuously monitored. Will conduct Cyber IT self-inspections following DIA inspection guideline for JWICS,
- Risk Assessment and Management: Conduct regular risk assessments to identify potential security vulnerabilities and threats. Develop mitigation strategies and action plans to address identified risks and ensure the integrity and confidentiality of Pueo's data and resources.Investigating known or suspected security violations, incidents, and unauthorize disclosures. Ensuring SCIF integrity through alarm monitoring, management, and auditing of the access control system. Conducting Semi and Annual IDS testing and USM directed Security Review; Annual Self-Inspections, SOP/EP reviews and EP testing. Instituting/maintaining access process to authorized SCIF users; maintain access control roster,
- Security Awareness Training: Develop and deliver security awareness training programs for Pueo's employees. Administering the annual SCI and Derivative Classification Refresher training,
- Incident Response and Investigation: Develop and maintain incident response plans to effectively respond to security incidents and breaches. Lead investigations into security incidents, assess the impact, and implement remediation measures to prevent recurrence.Assist the FSO with investigating security violations and submission of required reports to the government,
- Vendor Management: Collaborate with third-party vendors and service providers to ensure that security requirements are met in outsourced functions and services. Conduct security assessments of vendors and monitor their compliance with contractual security obligations. Work with SCRM for third party acquired equipment,
- Security Documentation/Materials and Reporting: Maintain accurate and up-to-date documentation of security policies, procedures, and incidents. Prepare regular reports on security activities, including compliance status, incident trends, and risk assessments, for senior management and regulatory authorities as required. Maintain SCIF and SAPF accreditations to include transference of cognizance (TOC) to appropriate Cognizant Security Agency (CSA). Maintain oversight of COMSEC account and material.
Qualifications:
- An active TS/SCI clearance with the ability to obtain a CI Poly,
- High School Diploma,
- Minimum of 5 years of experience as an Information Systems Security Officer/ Special Security Representative or similar position,
- Ability to travel to Pueo Locations, attend conferences, training, or other industry events,
- Ability to work onsite.
Preferred:
- Have or be able to obtain STEPP/DCSA required certification for FSO's for Possessing Facilities,
- Strong working knowledge of the NISPOM and other relevant security guidelines and directives,
- Working knowledge of NIST 800 Series RMF,
- Experience handling customer service for a government organization or private corporation in an official capacity.
Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.