FSOISSM

Job Summary:

In this role, you will serve as the Facility Security Officer (FSO) for the Oxnard, CA site, with full responsibility for ensuring compliance with the National Industrial Security Program (NISP). In this dual-function position, you will also act as the Information Systems Security Manager (ISSM), overseeing the security of classified information systems across multiple Mercury locations.

As the FSO, you will manage all aspects of NISP compliance, implement and enforce security policies and procedures, and ensure full adherence to U.S. Government requirements. As the ISSM, you will be responsible for the overall security posture of classified information systems, including configuration, protection, assessment, and accreditation under the DoD Risk Management Framework (RMF).

Key responsibilities include aligning security program goals with organizational objectives, assessing and mitigating risk, ensuring regulatory compliance, protecting personnel, information, facilities, and business operations.

Job Responsibilities:

• Collaborate with the Corporate ISSM to ensure all accredited information systems meet RMF requirements.
• Prepare, maintain, and upload System Security Plans (SSPs) and supporting artifacts in eMASS.
• Ensure SSPs accurately reflect system configuration and required security controls.
• Support certification testing and assessments conducted by the Cognizant Security Agency (CSA).
• Maintain facility information system records in eMASS.
• Develop and maintain procedures supporting Configuration Management (CM) for security relevant hardware, software, and firmware.
• Conduct risk and vulnerability assessments of classified systems and verify the effectiveness of security controls.
• Ensure compliance with DoD certification and accreditation requirements, including DoDI 8510.01 (RMF for DoD IT).
• Install, update, and maintain security-related software tools to detect malicious code, viruses, and unauthorized intrusions.
• Provide Security guidance to and regularly interact with Program Managers, Engineering/Production, Management, and Human Resources.
• Responsible for the administration and coordination of the DOD and other industrial security programs and activities to ensure compliance with 32 CFR 117 and other government and company security policies and procedures.
• Coordinate due diligence and risk assessments whose objective is to identify improvements in the existing physical security controls in place for non-NISP security function at assigned facilities.
• Maintain and provide security classification guidance of DD254's, Security Classification Guides, and other documents related to security requirements for assigned programs.
• Operate and maintain a security education, training, and awareness program to include indoctrinations, annual refresher training, debriefings, courier, travel, event specific briefings, and OPSEC procedures.
• Respond to intrusion alarms as needed.
• Manage physical security for the site, including intrusion detection, access control, CCTV, security hardware, and GSA approved containers.
• Respond to intrusion alarms as necessary.
• Be the direct liaison for the facility with the Defense Counterintelligence and Security Agency (DSCA) and other government agencies.

Required Qualifications:

• Typically requires 4 years of experience in cybersecurity, information systems security, RMF, and Certification & Accreditation (C&A) processes.
• Active Secret Clearance.
• Experience working with eMASS and RMF procedures.
• Demonstrated ability to conduct thorough risk assessments and manage complex documentation.
• Experience of network assets and peripheral equipment.
• Maintain facility and personnel information in DISS and NISS.

Preferred Qualifications:

• Experience with large, multi‑facility networks in Windows and Linux environments.
• Familiarity with cyber incident response, including preservation, containment, and eradication.
• CISSP, CASP, or similar certification.
• FSO & ISSM Certification with in 6 months of hire.
• Master''s degree in Information Systems or related field.
• High initiative, strong attention to detail, analytical skills, and organizational capability.
• Ability to work effectively both independently and collaboratively.

#LI-RL1

"This position requires you to access information that is subject to U.S. export regulations. You may only access such information if you are a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. government."