Facility Security Officer (FSO) & Info Systems Security Officer

Chantilly, VA

Exp Federal is an established Chicago-based full service architectural and engineering firm that provides a full range of exceptional design solutions and construction support to the federal government. Our team of professionals operates in some of the most challenging environments to provide support services to a variety of governmental agencies globally.

The Challenge:
Exp Federal is currently seeking a dual-hatted Facility Security Officer (FSO) and Information System Security Officer (ISSO) to manage the security program at our Chantilly office. This individual will work closely with the Corporate Security Officer and the Corporate Information System Security Manager (ISSM) headquartered in Chicago to implement the program and monitor the branch office facility to ensure compliance. Because this is a relatively small office and the corporate security programs are well established, this position will have these two primary roles combined under the responsibility of one individual.

The duties for this position are based on the requirements outlined in the National Industrial Security Program Operations Manual (NISPOM) and are summarized here:

Principle areas of responsibility are:

FSO

• Supervise and direct security measures necessary for implementing applicable requirements of this NISPOM and related Federal requirements for classified information. The FSO shall complete security training as specified in Chapter 3 of the NISPOM and as deemed appropriate by the CSA.
• Provide security training to staff.
• Prepare and submit reports required by NISPOM, Corporate Security Officer, and/or clients
• Prepare for and lead facility Security Vulnerability Assist visits.
• Utilize DISS, NISS, and other government authorized systems to maintain security related information.
• Manage Visit Request process, which vary by client.
• Conduct period scheduled and unscheduled internal audits.
• Support Corporate Security Officer with the creation and maintenance of security policeis and procedures.
• Provide miscellaneous support to Corporate Security Officer

ISSO

• Ensure the implementation of security measures, in accordance with facility procedures.
• Identify and document any unique threats.
• Perform risk assessments
• Develop and implement a certification test as required by the ISSM/CSA.
• Prepare, maintain, and implement an SSP that accurately reflects the installation and security provisions.
• Notify the CSA (through the ISSM) when an IS no longer processes classified information, or when changes occur that might affect accreditation.
• Ensure: (1) That each IS is covered by the facility Configuration Management Program, as applicable. (2) That the sensitivity level of the information is determined prior to use on the IS and that the proper security measures are implemented to protect this information. (3) That unauthorized personnel are not granted use of, or access to, an IS. (4) That system recovery processes are monitored to ensure that security features and procedures are properly restored.
• Document any special security requirement identified by the GCA and the protection measures implemented to fulfill these requirements for the information contained in the IS.
• Implement facility procedures: (1) To govern marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media and equipment containing classified information. (2) To ensure that vendor-supplied authentication (password, account names) features or security-relevant features are properly implemented. (3) For the reporting of IS security incidents and initiating, with the approval of the ISSM, protective or corrective measures when a security incident or vulnerability is discovered. (4) Requiring that each IS user sign an acknowledgment of responsibility for the security of IS and classified information. (5) For implementing and maintaining security-related software for the detection of malicious code, viruses, and intruders (hackers), as appropriate.
• Conduct ongoing security reviews and tests of the IS to periodically verify that security features and operating controls are functional and effective. k. Evaluate proposed changes or additions to the IS, and advises the ISSM of their security relevance. l. Ensure that all active user Ids are revalidated at least annually.
• Maintain network hardware and software.
• Ensure operating system patches and virus protection upgrades are promptly installed on all system devices.
• Monitor activity on network.

Miscellaneous

• Assist users in office with their device hardware and software issues
• Ensure inventory of IT assets is kept current
• Other IT related tasks that may be assigned by the supervisor

Required Qualifications:

• Knowledge of the National Industrial Security Program Operating Manual
• Experience operating and maintaining classified information systems
• Experience with MS Word, MS PowerPoint, and MS Excel is required.
• Organized & Energetic, Professional & Articulate, both in writing and verbally.
• Bachelor's degree in Computer Science, Information technology or related field or a minimum of 8 years of relevant experience
• Ability to obtain and maintain a Top Secret Security Clearance

Preferred Qualifications:

• NISPOM Chapter 8 Implementation Course
• Risk Management Framework (RMF) training

More About Us:

exp Federal delivers full-service Architectural & Engineering and Design-Build solutions. You will be part of an expanding team that works collaboratively across our wider exp Federal design studios. As part of a project team, you will have the opportunity to work on a variety of projects that keep you engaged and showcase your individual talents. We believe in identifying potential in people and then providing opportunities to achieve success.

Our employees work on complex projects that require innovative, efficient solutions, and collaboration across various disciplines. Joining our team is a commitment to meaningful work supporting federal government clients across multiple sectors. Employees and clients alike will look to you for results that exceed their expectations.

Our Values:

Respect: We respect people, honor diversity, and treat each other fairly. These are the cornerstones of our culture and the key to our culture and the key to our ability to work successfully as a global team.

Unquestioned Integrity: We operate with the highest standards of honesty and responsibility – as individuals and as a corporation. We’re people who meet routine, everyday obligations with honesty.

Safety: We place the highest priority on the health and safety of our employees and protection of our assets and the environment. Our goal is zero work-related injuries.

Customer Service: We listen and respond to the changing needs of our customers, the industry, and the environment, and draw upon lessons learned from our experiences around the world.

Impeccable Quality: We recognize that quality is fundamental in all our operations — it is everyone’s responsibility. We have established procedures, assessments, and continuous improvement processes in place to ensure the quality of our work.

Sustainability: We understand the impact of our work on the environment and that sustainability is a part of everything we do. We work with customers to provide responsible, efficient, healthy, and effective project solutions to reduce our overall environmental impact.

What We Offer:

• ⌚ Exponential full-time professional growth and development
• ⏩ Fast-paced and professional work culture
• ⚕ ️Health insurance including medical, dental, and vision
  1. Health Savings Account and Flexible Savings Account options
  2. Company HSA funding contributions