Special Access Program Security Officer

Overview

SPECIAL ACCESS PROGRAM SECURITY OFFICER (NAUT):

Bowhead seeks a Special Access Program Security Officer to support our customer on the Nautical contract in the Arlington, VA area. This position ensures security management and compliance for security controls for DoD cloud migration projects while coordinating security accreditation activities and maintaining ongoing security posture, training, and other related events in accordance with Government and Bowhead policies.

Responsibilities

• Implement and enforce SAP security management per DoD and customer specific standards/regulations/policies
• Plan, schedule, and prioritize security activities to accomplish mission objectives
• Conduct comprehensive security risk assessments and vulnerability analysis on facilities/processes, addressing impacts
• Establish, maintain, and update Security Operating Procedures, Emergency Action Plans, and other applicable procedures
• Ensure applicable Security Classification Guides and pertinent classification documentation is available to employees
• Proven experience reporting/coordinating security matters, including personnel vetting issues and security incidents, with the Program Security Officer, Contractor Program Manager, Government Program Manager, and company leadership to include coordinating response activities.
• Conduct exploration of any loss, compromise, or suspected compromise of classified and/or sensitive information, including conducting preliminary inquiries and generating damage assessments as a result of the loss of classified information
• Establish, conduct, and maintain security training and documentation for initial, courier, situational, and annual refresher
• Execute the SAP Nomination Process ensuring accuracy and clarity with applicable prescreening questionnaires and conduct applicable reviews of candidates being submitted for SAP access
• Have access to and able to understand information found in the Defense Information System for Security (DISS) Web Application or any successor system
• Prepare, process, and/or review Program Access Request (PARs) for accuracy and access eligibility
• Perform indoctrinations to individuals approved for access to include documentation and updating applicable databases
• Establish, update, and conduct debriefings to include documentation, updating applicable databases, and visit requests
• Prove experience with and maintain access to the Joint Access Database Environment (JADE), or any successor system, and maintain personnel security files, to include input and reporting requirements
• Research, process, file, and maintain inbound and outbound SAP visit notices
• Conduct and maintain documentation of annual self-inspection or other compliance inspections and submit corrective action plans to applicable authorities through completion
• Establish procedures and be knowledgeable of Intrusion Detection Systems (IDS) and the requirements that go with IDS and alarm response
• Establish, update, and ensure access control procedures are in place for the facility and access control badges
• Establish, update, and conduct escort procedures, including logging, for cleared and uncleared visitors
• Conduct entry and exit inspections
• Maintain security containers and facilities to ensure ability to properly safeguard classified information
• Establish and maintain an accountability process for Top Secret SAP and media (hard drives, discs) materials
• Acquire and maintain destruction procedures/equipment consistent with regulations
• Be able to maintain records for and coordinate distribution (including packaging)/receipt of classified information/packages
• Interface with facility cybersecurity Information Systems Security Managers and/or Information Systems Security Officers to ensure full protection of all classified materials are met
• Basic understanding of Joint SAP Implementation Guide (JSIG) and other cybersecurity requirements
• Ensure an Operational Security (OPSEC) plan has been established and communicated to company employees
• Provide leadership, mentoring, and oversight of team members
• Maintain an extensive customer database point of contact listing
• Maintain various daily logs for a variety of administrative functions associated with security management
• Handle classified information according to proper procedures and security protocols
• Perform other duties as assigned including miscellaneous administrative support functions

Qualifications

• Bachelor's degree in Cybersecurity, Information Systems, Information Technology, Computer Science, or related field from an ABET accredited or CAE designated institution or 10 years experience in leiu of this degree.• Minimum of 16+ years of information security experience with demonstrated expertise in cloud security• Minimum of 5+ years of DoD SAP security experience in enterprise environments• Minimum of 3+ years of hands-on experience with cloud security frameworks and implementations• Complete understanding and experience implementing requirements of the NISPOM and ICDs• Knowledge of cloud security principles and FedRAMP requirements• Demonstrated ability to develop solutions to complex security problems• Proven ability to work in fast-paced, deadline-driven environments• Excellent verbal and written communication skills for technical and executive audiences• Recent experience with security management policies and procedures• Proficiency with Microsoft Office Suite and security management tools

CERTIFICATION REQUIREMENTS:

Required: DoD Directive 8570 compliant certification; CompTIA Security+Desired: Security Fundamentals Professional Certification (SFPC), Special Program Security Credentials (SPSC), other Security Specific SPED Certifications

Physical Demands

• Must be able to lift 25 pounds on occasion.
• Must be able to stand and walk for prolonged period amounts of time.
• Must be able to twist, bend, and squat periodically.

SECURITY CLEARANCE REQUIREMENTS: Must currently hold a Top Secret security clearance with SCI eligibility and ability to maintain SAP (Special Access Program) eligibility. Due to work requirements, this position will not entertain work from home capabilities. US Citizenship is a requirement for this contract.

#LI-KC1