Industrial Security Team Lead / Senior Facility Security Officer (FSO)

Requirements

About Galois

Who We Are: Galois tackles the hardest problems in computer science. Our mission is to assure trust in critical systems that protect the privacy and integrity of information in the real world.  From building digital engineering tools that make space exploration safer to verifying cryptographic libraries that protect some of the world’s most valuable data, Galois develops technology to guarantee the trustworthiness of systems where failure is unacceptable.

What We Do: We believe trustworthy systems are built on a formal mathematical foundation. Our researchers apply formal analysis techniques to the design and verification of critical software systems, allowing us to model, analyze, and mathematically prove that a system behaves exactly as intended under all circumstances. With clients including DARPA, NASA, AWS, and the DoD / DoW, we leverage our cutting-edge research to deliver high assurance solutions and tools that enhance security, reliability, and operational efficiency across sectors including aerospace & defense, healthcare, semiconductors, and fintech.

Life at Galois: People are the foundation of Galois’s success. As an employee-owned company, we care not only about the technologies we develop, but also the path we take to create them. Galois operates under a highly collaborative organizational model that encourages leadership and teamwork and respects the individuals.

For more on our culture and organizational structure, visit Life at Galois.

About the Role

The Industrial Security Team Lead/Senior Facility Security Officer (FSO) is responsible for further developing and maintaining Galois’ industrial security program and ensuring company and customer security requirements are met. The successful candidate will lead a team of security professionals across Galois locations and interface with all levels of Galois personnel and government management personnel to ensure contract security compliance with National Industrial Security Operating Manual (NISPOM), Contract Security Classification Specifications (DD254) and Program Classification Guides. 

The position requires a self-motivated candidate that is capable of leading a distributed team of other security professionals as well as working independently with minimal direction. The FSO must possess the confidence to make critical security decisions concerning high value contracts and to implement security procedures that will prevent unauthorized access to company and government facilities or information.  The candidate will be required to conduct security self-inspections, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements.

Responsibilities

• Report directly to Galois’ General Counsel and other senior level executives on security matters across the organization
• Lead and collaborate with other Galois’ FSOs to establish and maintain facility and information security requirements across all Galois facilities. 
• Provide oversight and direction to other Galois functional areas on security related matters. 
• Manage and maintain compliance with the industrial security program for Galois’ Arlington, VA facility in accordance with the NISPOM as well as other secure areas and facilities (Open Storage Spaces (OSS)), as needed including preparing and maintaining accreditation documentation for each (e.g. UL certifications, open storage area approval checklists, and mitigation plans). 
• Use 32 CFR 2001.53 and other technical specifications to design new secure spaces or develop modifications and construction security plans for secure areas based on their accreditation status and Sponsor requirements as needed. 
• Account for, control, transmit, package and safeguard COMSEC information and administer periodic software and cryptographic key updates.
• Support IT staff in maintaining appropriate accreditation documentation for all information systems within Galois secure areas and address any shortcomings. 
• Implement OPSEC plans as needed. 
• Conduct security self-inspections, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet emerging requirements. 
• Conduct Personnel Security processing actions including requesting, reviewing, approving, and submitting clearances packages up to and including SCI nomination
• Process Prime and Sub DD254s. 
• Escort uncleared personnel and visitors. 
• Generate and oversee a security education training and awareness program for Galois staff 
• Ensure proper protection and corrective measures are taken when an incident or vulnerability is discovered.
• Support Galois technical staff via coordination and visitor management (e.g., sending and receiving clearances through visitor approval requests (VARs)).

Key Qualifications

• 8 to 10 years of experience working in Industrial Security, Special Programs, security management, military or government information security programs. 
• 5 to 7 years experience leading a team of experienced security professionals. 
• Active and transferable U.S. government issued TS/SCI security clearance prior to state date.  Willingness to pursue a polygraph if needed. 
• Candidates must be professional, capable of independent engagement, and skilled in leading and collaborating with peers and personnel both within the security team and without. Candidates must be highly organized with excellent communication, time management, and multitasking skills. 
• Expert understanding of and experience implementing 32 CFR Part 117 (NISPOM). 
• Strong understanding of physical security requirements for collateral Restricted Areas. 
• Thorough understanding and working experience with government and corporate security databases such as NISS, DISS, eAPP, etc. 
• Experience creating, modifying, and conducting initial security briefings, debriefings, indoctrinations, pre/post foreign travel briefings, and refresher briefings. 
• Ability to develop and establish an effective security awareness, training, and education program. Assist in executing the requirements set forth in the Technology Control Plan (TCP) for foreign visitors.
• Demonstrable experience influencing both technical and non-technical personnel on policies, practices and procedures. 
• Demonstrable experience communicating information security and risk-related concepts effectively to both technical and non-technical audiences. 
• Completion of all required FSO training courses with certificate of successful completion for possessing facilities from DCSA. 
• Experience working in Special Programs and Sensitive Compartmented Information operations. 
• Willingness to regularly travel to other Galois locations to oversee the set-up of new secure areas and/or collaborate with other Galois security professionals.

Preferred Qualifications:

• Prior ISSO/ISSM experience
• CSSO training certificate
• CPSO training certificate
• Understanding of physical security requirements for OSS, SAP, and SCIF areas.
• Ability to manage and maintain compliance with the industrial security program for Special Access Programs (SAP) and Sensitive Compartmented Information Facilities (SCIF)) as needed including preparing and maintaining accreditation documentation for each (e.g. UL certifications, open storage area approval checklists, TEMPEST checklists, and mitigation plans).

Location

This role requires the ability to work in-person from Galois' office location in Arlington, VA.

Compensation and Benefits

Compensation is based on the value of your results, not your value as an employee or person. The compensation process, individual salaries, and criteria for salary changes are transparent to the entire company.  For more information about our forward-looking and transparent approach to pay, visit this page.

We offer a robust benefits package to provide for your and your family’s well-being, including:

• Employee Stock Ownership Plan (ESOP)
• 401(k) retirement plan with 5% employer match and immediate vesting
• Fully paid medical insurance plans and dental and vision reimbursement plan
• Health Savings Account (HSA) with generous employer contributions
• Mental health and wellbeing support through our employee assistance program
• 5 weeks of paid time off and 9 days of paid company holidays each year
• 16 weeks of fully paid parental leave (available for birth, adoption, and fostering)
• 1 week of fully paid “Blue Sky” innovation time each year to pursue your interests

For more information on our benefits, visit our Careers page.

Equal Employment Opportunity

Galois is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on disability, veteran status, or any other characteristic protected by applicable federal, state, or local law. Consistent with the Americans with Disabilities Act (ADA) and federal and state laws, it is the policy of Galois, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. If you require reasonable accommodation in completing the employment application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact [email protected].