Facility Security Officer / ISSM

Facility Security Officer (FSO) / Unclassified Information System Security Manager (ISSM)

Location: [On-site, Crystal City, VA]

Clearance Required: Active Secret (Top Secret eligible preferred)

Reports To: COO

Position Type: Full-time, Exempt

FLSA: Exempt

Company Overview

Strategic Insight, Ltd., established in 1985, is committed to sustaining excellence and quality growth across our workforce as we strive to improve our clients’ services and products. Strategic Insight staff members enjoy growth opportunities and are provided with robust benefits, from healthcare and 401K to merit bonuses. We hold a Top Secret facility clearance under 32 CFR Part 117 and operate classified information systems supporting multiple active contracts across the DoD enterprise.

Position Summary

Strategic Insight is seeking a Facility Security Officer (FSO) / Unclassified Information System Security Manager (ISSM) to lead and manage our industrial security and cybersecurity programs end-to-end. This individual will be formally designated as Key Management Personnel (KMP) in DISS and serve as the company’s principal liaison with DCSA and customer government security offices. The role reports directly to senior leadership and is accountable for maintaining the Facility Clearance (FCL), coordinating with IT personnel in implementing NIST 800-171, and executing compliance with DCSA security review requirements.

Key Responsibilities

Facility Security Officer (FSO)

The FSO administers Strategic Insight’s facility clearance under 32 CFR Part 117 (NISPOM) and is the primary point of contact with DCSA. Day-to-day responsibilities include maintaining the FCL and all KMP designations in DISS, executing and maintaining the DD-441, and reviewing every incoming DD-254 to confirm contract security requirements are understood and met. The FSO manages the full personnel security clearance lifecycle — initiations and reinvestigations in NBIS, indoctrinations and debriefings, continuous vetting enrollment, incident and adverse information reporting, and SF-312 administration. They plan and execute the annual self-inspection, prepare the company for DCSA security reviews with the goal of a Commendable or Superior rating, and remediate findings.

The FSO also leads and manages the Security Education, Training, and Awareness (SETA) program — initial security briefings, annual refresher training, foreign travel briefings and debriefings, derivative classifier training, and threat awareness. The FSO manages classified visit requests inbound and outbound through DISS, oversees physical security, including closed area or controlled area accreditations if applicable, administers the company’s classified holdings and document control program, and serves as the designated Insider Threat Program Senior Official (ITPSO). The FSO is responsible for reporting under the NISPOM’s reporting requirements, including cyber incidents, suspicious contacts, foreign travel, and changes in personal status.

Information System Security Manager (ISSM) for Unclassified Information Systems

The ISSM leads and manages the cybersecurity posture of all information systems and executes the Risk Management Framework (RMF) per DoDI 8500.01, DoDI 8510.01, and NIST SP 800-53. Responsibilities include developing and maintaining System Security Plans (SSPs), Security Assessment Reports, Plans of Action and Milestones (POA&Ms), continuous monitoring strategies, and incident response plans for each system The ISSM serves as the company’s cyber incident response lead for the organization’s information systems — coordinating with DCSA, the DoD Cyber Crime Center (DC3), and customer cybersecurity offices as required.

The ISSM also supports Strategic Insight’s CMMC compliance program for CUI environments, coordinates with the IT department on architecture and zero-trust initiatives, and contributes to supply chain risk management and Foreign Ownership, Control, or Influence (FOCI) mitigation activities.

Separation of Duties

The FSO/ISSM is an oversight role and is intentionally separated from day-to-day IT system administration. The incumbent will not hold privileged operator accounts on the systems they accredit and audit; system administration is performed by Strategic Insight’s IT team under the ISSM’s policy direction, with audit log review and privileged action oversight performed by the ISSM independently.

Required Qualifications

• U.S. citizenship (required by NISPOM for FSO and ISSM designations)
• Active Secret clearance; ability to obtain Top Secret clearance
• Minimum 5 years of progressive industrial security experience in a cleared DoD contractor environment, including at least 3 years in a designated FSO role at a possessing facility
• Working knowledge of 32 CFR Part 117 (NISPOM), DoDI 8500.01, DoDI 8510.01, NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, and applicable DISA STIGs
• Hands-on proficiency with DISS, NBIS, NISS, and eMASS (or customer-equivalent RMF tooling)
• DoD 8140 IAM Level II certification (CISSP, CISM, CASP+, or equivalent) at hire or within six months; IAM Level III preferred
• Completion of CDSE FSO Program Management for Possessing Facilities curriculum (or completion within six months of designation)
• Experience with CMMC Level 2 implementation and assessment
• Demonstrated ability to draft and implement SSPs, SOPs, and incident response plans

Preferred Qualifications

• Minimum 3 years as a designated ISSM or senior ISSO with demonstrated experience achieving ATO decisions on classified systems
• NCMS Industrial Security Professional (ISP) or SPeD SFPC certification
• Experience supporting multi-contract, multi-customer security programs at a similarly sized contractor
• Experience with closed area accreditation under NISPOM
• Prior experience as ITPSO and building an Insider Threat Program from baseline

What We Offer

Team Culture:

Diversity: All staff members are expected to accomplish their work in a businesslike manner and always be courteous toward all other staff members, clients, business associates, guests, and visitors. All staff members should be treated in a manner free from bias, favoritism, and any form of illegal discrimination.

Ethics: All members of Strategic Insight should be marked by a commitment to excellence, professional integrity, self-discipline, and wise judgment. Our employees reflect this by attention to detail, comprehensive staff work, and honorable behavior.

The above information has been designed to indicate the general nature and level of work performed by employees in this classification. It is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the employee assigned to this job.

 Strategic Insight, Ltd. is an equal opportunity employer. We are committed to providing equal opportunity to all applicants and employees in full compliance with all applicable state and federal laws prohibiting discrimination based on race, color, age, gender, religion, national origin, disability, protected veteran status, or any other class protected by applicable state or federal law.