Security Compliance Manager - AMMO

Solutions Through Innovative Technologies, Inc. (STI-TEC) specializes in the delivery of professional business and information management services. STI-TEC offers government and commercial clients a comprehensive portfolio of services that identify, manage, distribute and improve business processes related to entities’ most valued resource, information. As a fast-growing solutions provider, established in 2000, total customer satisfaction has remained the cornerstone of our business. Our business model focuses on integrity, loyalty, and trust.

Position Overview

The Advanced Framework for Simulation, Integration, and Modeling (AFSIM) is an innovative, open-source military simulation framework used extensively by the U.S. Department of Defense (DoD) and related communities. Managed by the U.S. Air Force Research Laboratory (AFRL), AFSIM supports scenario creation, analytical work, and virtual wargaming, benefiting from a collaborative user community across the military, government, industry, academia, and international partners. To enhance AFSIM's growth, the Department of the Air Force (DAF) is establishing a Model Management Office (MMO).

In this cutting-edge new MMO the Security Compliance Manager will manage security protocols across programs, products, and services affiliated with the MMO while ensuring the confidentiality, integrity, and availability of critical MMO assets and resources and provide multi-disciplined security support for Collateral, Sensitive Compartmented Information (SCI), and Special Access Program (SAP) activities.

Essential Job Function

Program Protection

• Advise or assist the MMO to conduct program protection planning and develop Program Protection Plans (PPPs)
• Monitor and protect MMO programs, products, and services from threats and vulnerabilities
• Conduct threat awareness education in coordination with organizational or enterprise (DoD, DAF, AFMC, and/or AFRL) sources to inform program protection planning and execution
  
  

Operations Security

• Advise or assist the MMO to implement a comprehensive OPSEC program covering all MMO programs, products, and services
• Review publications, presentations, or information prior to public release in coordination with organizational OPSEC policy and processes
• Review prime contractor OPSEC plans and provide recommendations to the MMO to improve OPSEC posture across all stakeholders
• Facilitate threat informed OPSEC awareness education and training
  
  

Industrial Security

• Advise or assist the MMO to implement industrial security controls and ensure prime contractor and subcontractor compliance with regulations such as the National Industrial Security Program Operating Manual (NISPOM)
• Implement and monitor security controls that protect classified information from point of initiation to destruction
• Perform access control functions for restricted secure areas, process inbound and outbound classified packages, and coordinate courier services at appropriate classification levels
• Facilitate training and awareness on the protection of classified information
  
  

Personnel Security

• Coordinate personnel security actions
• Coordinate with the government security office to organize and track inbound and outbound visit requests through Defense Information System for Security (DISS) or other systems as required
• Escort facility visitors and assist in access control procedures
• Review, track, and monitor security clearance processing actions and organization-specific security awareness and education requirements necessary to maintain access
  
  

Cybersecurity

• Advise or assist the MMO to secure the confidentiality, integrity, and availability of critical information systems necessary for the conduct of MMO activities
• Coordinate system access requests and authorizations and coordinate the transfer of classified data at multiple levels of security
• Review prime contractor or subcontractor System Security Plans (SSPs) and provide recommendations to the MMO to improve cybersecurity posture across all stakeholders
• Facilitate threat-informed cybersecurity awareness education and training
  
  

Incident Response

• Advise or assist in the design, implementation, and maintenance of a comprehensive incident management and response plan
• Coordinate MMO response activities during training events, tabletop exercises, or real-world incidents. Maintain a Continuity of Operations Plan (COOP)
  
  

Security Compliance

• Advise or assist in the preparation and generation of required security monitoring and control documentation related to MMO processes, products, and services
• Ensure that documentation complies with all applicable law, regulation, and security standards
  
  

Minimum Qualifications

Education and Experience

• Bachelor's Degree in a relevant field such as Cybersecurity, Information Technology, Computer Science, or a related discipline
• Minimum 7 Years of Experience in cybersecurity, information assurance, or a related field, with a demonstrated history of managing security protocols and compliance
  
  

Certifications

• Information Assurance Manager (IAM) Level-II Certification in accordance with AFMAN-17-1303 and DoD 8570.01-M
• Certified Information Systems Security Professional (CISSP) or similar certification is highly desirable
  
  

Experience With Department Of Defense (DoD) Security Protocols

• Proven experience working with or within DoD, Air Force Materiel Command (AFMC), or Air Force Research Laboratory (AFRL) is highly desirable
  
  

Program Protection

• Demonstrated experience in program protection planning and the development of Program Protection Plans (PPPs)
  
  

Operations Security (OPSEC)

• Experience in implementing comprehensive OPSEC programs and conducting threat-informed OPSEC awareness education and training
  
  

Industrial Security

• Familiarity with industrial security controls and compliance with regulations such as the National Industrial Security Program Operating Manual (NISPOM)
  
  

Personnel Security

• Experience in coordinating personnel security actions and managing security clearance processing
  
  

Cybersecurity

• Strong background in securing the confidentiality, integrity, and availability of critical information systems and facilitating cybersecurity awareness education and training
  
  

Incident Response

• Proven ability to design, implement, and maintain comprehensive incident management and response plans
  
  

Security Software Proficiency

• Proficiency in using security monitoring and management tools such as SIEM (Security Information and Event Management) systems, vulnerability assessment tools, and access control systems
  
  

Data Analysis and Reporting

• Strong analytical skills to monitor, analyze, and report on security incidents and compliance metrics
  
  

Documentation and Compliance

• Ability to prepare and generate required security monitoring and control documentation, ensuring compliance with all applicable laws, regulations, and security standards
  
  

Additional Requirements

• Top Secret SCI clearance and eligible for higher level accesses
  
  

Desired Qualifications

• Master’s degree in a related field
  
  

Applicants selected may be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.

STI-TEC is an equal opportunity employer and values diversity. Employment is decided on the basis of qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, gender identity and sexual orientation.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation and training.

If you need assistance or an accommodation due to a disability, you may contact us at HR@sti-tec.com or you may call us at 1+918.583.9900.

• This job posting is to identify potential candidates for positions in order to respond to a request for proposal. This job posting, including but not limited to, qualifications, duties, compensation and benefits, is subject to change based on the terms and conditions of the awarded contract and is contingent on STI-TEC being awarded the contract.