BAE Systems
Facility Security Officer (FSO)/Contractor Program Security Officer (CPSO)/Cyber
BAE Systems, Fort Worth, Texas, United States, 76102
Security Position
Join a dynamic security team implementing and providing security guidance to our Ft. Worth, Texas facility location. This is an opportunity to develop your career and grow your skills in a high intensity, team-based environment, and become a part of BAE Systems, a leading company in Aerospace and Defense. As a Facility Security Officer (FSO), Contractor Program Security Officer (CPSO), and Cyber Security Manager (ISSM) you will work with all levels of leadership, as well as both internal and external customers to support a variety of interesting and dynamic programs. This role provides onsite support for the sites security program which also includes cyber and COMSEC tasks. In this security position, you will make impacts in the following ways: Develop and revise security plans and procedures utilizing the 32 CFR Part 117 National Industrial Security Operating Manual (NISPOM), DoD Special Access Program Security Manual, as well as any other specific programmatic instruction manuals. Interpret and enforce government and company policies as well as provide direction and guidance to employees. Provide prime/subcontractor security support and direction including the development and maintenance of DD254's and security guidance. Provide classification guidance to employees, develop and provide security education and awareness training, conduct security briefings, lead security self-inspections and audits, and investigate security incidents. Provide security guidance and education to company personnel and advise Senior Management Conduct investigations of non-compliance government and company regulations Write comprehensive investigation, adverse information, suspicious contacts, violation, infraction or administrative inquiry reports Develop and implement improved methods of inspection preparation, audits, and analysis of the security function to determine performance and cost effectiveness Lead Government Security reviews as well as any internal Security audits Conduct formal self-inspections overseeing implementation/completion of corrective action plans Conduct general and program specific briefings Lead site Insider Threat council Establish and maintain physical security systems, plant protection, contingency plans and emergency response through collaboration with Business Continuity and Physical Security Managers Incident commander for all site security emergency events Support to other security disciplines within the organization to include: Personnel Security, Physical Security, Special Programs, Document Control and Visitor Control Responsible for supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, NSA, and associated NIST publications. To obtain and maintain Authority to Operate (ATO) approvals for an information system by adhering to the Risk Management Framework (RMF). Supports cybersecurity efforts throughout the RMF process for one or more assigned programs(s) to include the development and management of System Security documentation, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls, and continuous monitoring of controls. Interface with program managers and maintain strong relationship with Defense Counterintelligence & Security Agency (DCSA), National Security Agency (NSA) and US Government Security customers Ensure the requirements of the NSA/CSS Policy Manual 3-16 and other applicable manuals / OPORDS are implemented, and compliance is maintained Interface with program managers and maintain liaison with US Government Program Security Officers. Complete annual COMSEC keying of Taclanes and/or Vipers prior to their supersession date Complete / submit NSA initiated semi-annual inventories prior to the given deadline and maintain DIAS to reflect current inventory Additional duties/tasks as required Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program. Ensure all security certification and accreditation documents in relation to all classified systems are up-to-date. Ensure continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met. Required Education, Experience, & Skills 6 or more years of relevant security related work experience applicable to the position and a minimum of a high school diploma Active Top Secret Clearance is required Ability to exercise discretion and independent judgement while complying with policies, procedures, appropriate principles and applicable state and federal laws and regulations. Highly proficient written and verbal communication skills with emphasis on clear and cogent presentation of complex information. Demonstrated knowledge of 32 CFR Part 117 NISPOM Ability to solve complex decisions independently Ability to manage time, make sound decisions, take independent action, analyze problems, and provide focused solutions. IAM Level II certification commensurate with DoD 8570.1M requirements ISSM or relevant cybersecurity experience High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment Strong organizational skills Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives. Knowledge and ability to operate multiple Key loading devices (SKL, DTD, RASKL) STE and ViPer phones. Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, and information system security officers Experience with eMASS and the ability to develop required Authorization to Operate (ATO) documentation including System Security Plans, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plans. Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP, SPLUNK). Experience with auditing and certifying compliance of various systems (Windows, Linux, Network Devices and peripherals). Experience with development and delivery of IA-related briefings and training material. Experience with compliance and vulnerability scanning tools (Nessus, SCAP, SPLUNK). Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP, ACAS, SCC). Preferred Education, Experience, & Skills Previous experience as an FSO and/or ISSM or Department of Defense Security Manager Facility Security Officer Program Management for Possessing Facilities Certificate (via CDSE) Final Top Secret Clearance Demonstrate working knowledge of the DoD SAP Manuals & ICD series manuals. Experience with DISS, NISS, SIMs, and eMASS Run and maintain the entire information assurance program for more complex efforts or area Working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Translate operational requirements into technical requirements and architectures needed to meet program objectives Experience with conducting all aspects of a self-inspection Experience with periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and integrity scans to determine compliance Prepared incident reports of analysis methodology and results Knowledge of new and emerging information technology (IT) and cybersecurity technologies. Employ best practices when implementing security controls within an information system including; software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques Ability to function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems Pay Information Full-Time Salary Range: $90373 - $153634. Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and
Join a dynamic security team implementing and providing security guidance to our Ft. Worth, Texas facility location. This is an opportunity to develop your career and grow your skills in a high intensity, team-based environment, and become a part of BAE Systems, a leading company in Aerospace and Defense. As a Facility Security Officer (FSO), Contractor Program Security Officer (CPSO), and Cyber Security Manager (ISSM) you will work with all levels of leadership, as well as both internal and external customers to support a variety of interesting and dynamic programs. This role provides onsite support for the sites security program which also includes cyber and COMSEC tasks. In this security position, you will make impacts in the following ways: Develop and revise security plans and procedures utilizing the 32 CFR Part 117 National Industrial Security Operating Manual (NISPOM), DoD Special Access Program Security Manual, as well as any other specific programmatic instruction manuals. Interpret and enforce government and company policies as well as provide direction and guidance to employees. Provide prime/subcontractor security support and direction including the development and maintenance of DD254's and security guidance. Provide classification guidance to employees, develop and provide security education and awareness training, conduct security briefings, lead security self-inspections and audits, and investigate security incidents. Provide security guidance and education to company personnel and advise Senior Management Conduct investigations of non-compliance government and company regulations Write comprehensive investigation, adverse information, suspicious contacts, violation, infraction or administrative inquiry reports Develop and implement improved methods of inspection preparation, audits, and analysis of the security function to determine performance and cost effectiveness Lead Government Security reviews as well as any internal Security audits Conduct formal self-inspections overseeing implementation/completion of corrective action plans Conduct general and program specific briefings Lead site Insider Threat council Establish and maintain physical security systems, plant protection, contingency plans and emergency response through collaboration with Business Continuity and Physical Security Managers Incident commander for all site security emergency events Support to other security disciplines within the organization to include: Personnel Security, Physical Security, Special Programs, Document Control and Visitor Control Responsible for supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, NSA, and associated NIST publications. To obtain and maintain Authority to Operate (ATO) approvals for an information system by adhering to the Risk Management Framework (RMF). Supports cybersecurity efforts throughout the RMF process for one or more assigned programs(s) to include the development and management of System Security documentation, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls, and continuous monitoring of controls. Interface with program managers and maintain strong relationship with Defense Counterintelligence & Security Agency (DCSA), National Security Agency (NSA) and US Government Security customers Ensure the requirements of the NSA/CSS Policy Manual 3-16 and other applicable manuals / OPORDS are implemented, and compliance is maintained Interface with program managers and maintain liaison with US Government Program Security Officers. Complete annual COMSEC keying of Taclanes and/or Vipers prior to their supersession date Complete / submit NSA initiated semi-annual inventories prior to the given deadline and maintain DIAS to reflect current inventory Additional duties/tasks as required Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program. Ensure all security certification and accreditation documents in relation to all classified systems are up-to-date. Ensure continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met. Required Education, Experience, & Skills 6 or more years of relevant security related work experience applicable to the position and a minimum of a high school diploma Active Top Secret Clearance is required Ability to exercise discretion and independent judgement while complying with policies, procedures, appropriate principles and applicable state and federal laws and regulations. Highly proficient written and verbal communication skills with emphasis on clear and cogent presentation of complex information. Demonstrated knowledge of 32 CFR Part 117 NISPOM Ability to solve complex decisions independently Ability to manage time, make sound decisions, take independent action, analyze problems, and provide focused solutions. IAM Level II certification commensurate with DoD 8570.1M requirements ISSM or relevant cybersecurity experience High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment Strong organizational skills Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives. Knowledge and ability to operate multiple Key loading devices (SKL, DTD, RASKL) STE and ViPer phones. Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, and information system security officers Experience with eMASS and the ability to develop required Authorization to Operate (ATO) documentation including System Security Plans, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plans. Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP, SPLUNK). Experience with auditing and certifying compliance of various systems (Windows, Linux, Network Devices and peripherals). Experience with development and delivery of IA-related briefings and training material. Experience with compliance and vulnerability scanning tools (Nessus, SCAP, SPLUNK). Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP, ACAS, SCC). Preferred Education, Experience, & Skills Previous experience as an FSO and/or ISSM or Department of Defense Security Manager Facility Security Officer Program Management for Possessing Facilities Certificate (via CDSE) Final Top Secret Clearance Demonstrate working knowledge of the DoD SAP Manuals & ICD series manuals. Experience with DISS, NISS, SIMs, and eMASS Run and maintain the entire information assurance program for more complex efforts or area Working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Translate operational requirements into technical requirements and architectures needed to meet program objectives Experience with conducting all aspects of a self-inspection Experience with periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and integrity scans to determine compliance Prepared incident reports of analysis methodology and results Knowledge of new and emerging information technology (IT) and cybersecurity technologies. Employ best practices when implementing security controls within an information system including; software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques Ability to function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems Pay Information Full-Time Salary Range: $90373 - $153634. Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and