Join our team as an Acquisition Program Security Officer (APSO) / Program Protection Analyst in Stafford, VA. We are seeking dedicated professionals with acquisition security, systems engineering, cybersecurity, intelligence, and technology protection experience to support Marine Corps acquisition programs.
Requirements
- Analyze, develop, and evaluate acquisition, intelligence, and security policies
- Support Program Managers (PMs), Deputy Program Managers, and Integrated Product Teams (IPTs) in identifying, assessing, and protecting Critical Program Information (CPI), mission-critical functions, and sensitive acquisition technologies
- Develop and assess Program Protection Plans (PPPs), CPI assessments, and protection strategies in accordance with DoDI 5000.83 and DoDI 5200.39
- Analyze adversary threat, exposure, vulnerability, and exploitation risk to acquisition programs, systems, software, hardware, interfaces, and supply chains
- Support integration of Anti-Tamper (AT), cybersecurity, OPSEC, SCRM, and system security engineering activities into acquisition protection strategies and program planning
- Assist acquisition programs in translating technical security risks into mission, operational, sustainment, and acquisition impacts for leadership decision-making
- Provide acquisition security and technology protection recommendations to PMs, IPTs, engineers, and security stakeholders regarding risk mitigation, protection prioritization, and lifecycle protection strategies
- Coordinate cross-functional acquisition security activities involving engineering, cybersecurity, intelligence, counterintelligence, logistics, contracting, and system security engineering stakeholders
- Recommend risk-based countermeasures to reduce adversary exploitation opportunities targeting CPI, mission software, embedded systems, sensitive interfaces, technical data, and supply chain exposure points
- Assess protection effectiveness and identify gaps in program protection, acquisition security, OPSEC, and technology protection implementation
- Work with subject matter experts (SMEs) from various acquisition competencies, intelligence communities, security, and counterintelligence to ensure delivery of resilient and uncompromised capabilities to the warfighter
- Collaborate with Systems Security Engineers (SSEs), program offices, and intelligence stakeholders in developing and maintaining Security Classification Guides (SCGs), CPI identification and analysis, Criticality Analyses (CA), PPPs, and technology protection strategies
- Support horizontal protection analysis to ensure consistent protection of equivalent CPI and mission-critical technologies across related acquisition programs
- Assist in evaluating requirements for Anti-Tamper (AT), exportability considerations, cybersecurity, and system resiliency protections based on consequence of compromise and operational exposure
- Support Supply Chain Risk Management (SCRM) and Trusted Systems and Networks (TSN) activities by assessing supplier, component, software, firmware, and sustainment risks affecting mission-critical functions and acquisition program integrity
- Coordinate with logistics, engineering, cybersecurity, and sustainment stakeholders regarding counterfeit prevention, trusted supplier concerns, lifecycle exposure points, and supply chain threat mitigation strategies
- Review acquisition documentation for potential security concerns
- Provide guidance regarding classification, Controlled Unclassified Information (CUI), distribution statements, OPSEC-sensitive information, and acquisition documentation marking requirements to reduce unauthorized disclosure and operational exposure risk
- Conduct acquisition security and OPSEC reviews of public release materials, technical documentation, briefs, demonstrations, industry engagements, test activities, and external communications to identify indicators that could reveal sensitive program capabilities, vulnerabilities, or CPI
- Support identification, assessment, reporting, and mitigation of acquisition security incidents, unauthorized disclosures, foreign collection concerns, and technology exposure events affecting program information or sensitive technologies
- Support program-level OPSEC awareness efforts and recurring acquisition security risk communication activities intended to improve workforce awareness of adversary collection threats, exposure indicators, and technology protection responsibilities across government and contractor teams
Benefits
- Paid Time Off
- 401k Matching
