Information Security Specialist

ABOUT NOOKS

Are you seeking an exciting and unique opportunity to grow and support our national security? As a startup, we are offering a limited-time opportunity to be an equity owner in a pioneering new industry. Nooks is pioneering Classified Infrastructure-as-a-Service (CIaaS) to provide government and industry partners with the fastest, most efficient access to classified infrastructure. We are building a nationwide network of accredited classified spaces and systems, ensuring that the best technologies equip our nation’s warfighters. At Nooks, we value innovation, collaboration, and a service-first mindset.

ABOUT THE ROLE

We are seeking a highly analytical and experienced Information Security Specialist to serve as an internal consultant and driver of operational excellence across the US Space Force's classified security enterprise. This is a strategic role focused on analyzing, standardizing, and streamlining security workflows within the Information Security discipline. 

The role involves providing support on system security planning, compliance with ICD 503 and CNSSI 1253, incident response, and continuous monitoring of classified IT infrastructure.

KEY RESPONSIBILITIES:

1. Security Process Analysis and Design

• Efficiency Improvement: Identify operational inefficiencies, compliance gaps, and bottlenecks in existing security workflows.
• Standardization: Design, implement, and standardize new, optimized security processes and procedures to enhance efficiency, reduce cycle time, and ensure consistent compliance across all USSF sites.
• Methodology: Utilize process improvement methodologies (e.g., Lean, Six Sigma principles) to enhance the security team's overall effectiveness while maintaining strict regulatory adherence.

2. Incidence Response and Operations

• Incident Response: Lead and participate in all security incident response activities, including the identification, containment, eradication, and recovery from security incidents impacting SCI systems.
• SOP Guidance: Maintain detailed Standard Operating Procedures (SOPs) for security incident instigation, mitigation, and reporting activities.
• Coordination: Coordinate incident response and forensic activities with the ISSM, SSO, command leadership, law enforcement, and other government agencies as required.
• Monitoring and Reporting: Stay up-to-date on the latest security threats, vulnerabilities, and technologies to inform defensive strategies.

3. Technology Integration and Metrics

• Technology Evaluation: Evaluate and recommend technology solutions (e.g., workflow software, compliance tracking tools, security management systems) to automate manual security processes and enhance auditability.
• System Optimization: Serve as a functional lead for the integration and optimization of security management systems (DISS/NBIS, NISS) and physical security systems (ACS/IDS) to improve data integrity and compliance reporting.
• KPI Development: Develop and track Key Performance Indicators (KPIs) and metrics for security process efficiency, compliance status, and security team performance to measure the impact of improvement initiatives.

THE SKILLSET:

• Experience: 3-7 years of broad, hands-on experience in Information Security, with a significant focus on SCI security and networks within the U.S. Defense Industrial Base or Intelligence Community.
• Process Expertise: Proven experience in process improvement, standardization, or quality assurance roles within a highly regulated compliance environment.
• Regulatory Expertise: Deep, practical knowledge of NISPOM/32 CFR Part 117 and applicable Intelligence Community Directives (ICDs).
• Clearance: Must possess and maintain either an Interim Top Secret or Active Top Secret (TS) / Sensitive Compartmented Information (SCI) eligibility security clearance. U.S. Citizenship is required.
• Skills: Exceptional analytical and problem-solving skills, with a proven ability to translate complex regulatory requirements into simplified, efficient, and user-friendly processes.

PREFERRED QUALIFICATIONS:

• Certification: SPeD Certification, or experience with process improvement methodologies (e.g., Lean, Six Sigma).
• System Proficiency: Highly proficient with security management systems (DISS, NISS) and familiarity with enterprise software tools used for document control or workflow management.
• Education: Bachelor’s degree in a relevant field (e.g., Security Management, Business Process, Quality Assurance).

This position is a strategic, enterprise-wide role that may require occasional travel to USSF facilities.

This employment offer is contingent upon continued funding of the underlying government contract. Should the contract be modified, or terminated, or if funding is reduced or eliminated, the employer reserves the right to adjust or rescind the offer accordingly.