Impact Track 1 –
Operational Security Leadership
Impact Track 1
Operational Security Leadership
Who Should Attend?
Security Directors • Senior Security Managers • Program Security Managers • Directors of Federal Security • Directors of Compliance • Business Unit Security Managers • Regional Security Manager • Senior Managers of Security Programs • Corporate Security Managers • Heads of Program Security • Security Operations Manager • Research/Mission Assurance Security Manager • Security Operations Executives
Who Else Should Consider Attending?
Corporate FSOs • Key Operational Support Leaders • Anyone Interested in an Operations Career
What is This Track All About?
This track is fundamentally an interactive forum that platforms accomplished operational security leaders.
Join this track to learn what does and doesn’t work for your colleagues and peers in other organizations. Get real, actionable insights and successful practices you can adapt to your own structure, culture, and current level of operational maturity.
Impact Sessions
From Inspection Prep to Continuous Readiness
Modernizing Security Oversight: Turning Data and Digital Tools Into Force Multipliers
Managing Security Across Multiple Sites and Programs Without Losing Control
Getting IT, HR and Program Teams on Board for Mutual Benefit
Trusted Workforce at Scale: Managing Continuous Vetting and SEAD-3 Across Thousands
Building an Enterprise Evidence COE: Turning Readiness Data into a Living System
JML and IAM Integration for Security: Making Access and Readiness Move in Sync
Strategies to Build and Sustain a High-Performing Security Team
Impact Sessions
From Inspection Prep to Continuous Readiness
Moving From Inspection Prep to Continuous Readiness – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Building the Enterprise Readiness Rhythm
Speaker: Corporate FSO / Director of Industrial Security
Part 2 —Turning Findings into Foresight
Speaker: Senior Manager, Security Governance & Assurance
Part 3 —Making Continuous Readiness Stick in Hard Environments
Speaker: Security Assurance Lead from an FFRDC, UARC, or similarly autonomous portfolio
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Building the Enterprise Readiness Rhythm
Speaker: Corporate FSO / Director of Industrial Security
Part 2 —Turning Findings into Foresight
Speaker: Senior Manager, Security Governance & Assurance
Part 3 —Making Continuous Readiness Stick in Hard Environments
Speaker: Security Assurance Lead from an FFRDC, UARC, or similarly autonomous portfolio
Part 4 — Moderated Audience Q&A
Core Issue
Shifting from inspection-driven bursts of activity to a reliable, multi-site readiness rhythm that holds under turnover, customer pressure, and changing oversight.
Shifting from inspection-driven bursts of activity to a reliable, multi-site readiness rhythm that holds under turnover, customer pressure, and changing oversight.
Value
Leaders in larger and upper-medium organizations know how to survive inspections. Their real challenge now is staying ready between them—especially across multiple sites, programs, and customer expectations. Many have pieces of the puzzle (self-inspections, CAPs, dashboards), but readiness still spikes before events and sags afterward, CAPs get closed, but patterns might not change, and evidence is updated in bursts, not as part of a durable operating rhythm. This session platforms leaders who are turning continuous readiness into a system.
Leaders in larger and upper-medium organizations know how to survive inspections. Their real challenge now is staying ready between them—especially across multiple sites, programs, and customer expectations. Many have pieces of the puzzle (self-inspections, CAPs, dashboards), but readiness still spikes before events and sags afterward, CAPs get closed, but patterns might not change, and evidence is updated in bursts, not as part of a durable operating rhythm. This session platforms leaders who are turning continuous readiness into a system.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Modernizing Security Oversight: Turning Data and Digital Tools Into Force Multipliers – 90 Minutes
Modernizing Security Oversight: Turning Data and Digital Tools Into Force Multipliers
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Building the Data-Credible Oversight Model (operational leadership)
Speaker: Corporate FSO / Director of Industrial Security (or equivalent)
Part 2 —Turning Oversight Data Into Action (architecture & automation)
Speaker: Security Data & Tooling Architect (or security-aligned systems owner)
Part 3 —Governance / QA / Multi-site leader who makes the model work in day-to-day operations
Speaker: Regional / Division Security Lead (field execution lens)
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Building the Data-Credible Oversight Model (operational leadership)
Speaker: Corporate FSO / Director of Industrial Security (or equivalent)
Part 2 —Turning Oversight Data Into Action (architecture & automation)
Speaker: Security Data & Tooling Architect (or security-aligned systems owner)
Part 3 —Governance / QA / Multi-site leader who makes the model work in day-to-day operations
Speaker: Regional / Division Security Lead (field execution lens)
Part 4 — Moderated Audience Q&A
Core Issue
Oversight has digitized, but not modernized. Leadership is investing in systems, yet it can still be hard for security to confidently say “this is our single, defensible picture of readiness.”
Oversight has digitized, but not modernized. Leadership is investing in systems, yet it can still be hard for security to confidently say “this is our single, defensible picture of readiness.”
Value
Operational leaders are under pressure to prove control across personnel, access, training, and incidents—not just during inspection, but all year. Most large and upper-mid organizations have plenty of tools and dashboards, but their oversight story is still fragile: conflicting numbers, shadow trackers, brittle spreadsheets, and data that can’t be defended under sampling.
This session platforms leaders who have made progress on data-credible oversight: defining single sources of truth, standardizing metrics, and using automation and governed workflows to turn digital tools into force multipliers instead of noise.
Operational leaders are under pressure to prove control across personnel, access, training, and incidents—not just during inspection, but all year. Most large and upper-mid organizations have plenty of tools and dashboards, but their oversight story is still fragile: conflicting numbers, shadow trackers, brittle spreadsheets, and data that can’t be defended under sampling.
This session platforms leaders who have made progress on data-credible oversight: defining single sources of truth, standardizing metrics, and using automation and governed workflows to turn digital tools into force multipliers instead of noise.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Managing Security Across Multiple Sites and Programs Without Losing Control – 90 Minutes
Managing Security Across Multiple Sites and Programs Without Losing Control
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Designing for Consistency Without Command-and-Control
Speaker: Corporate FSO / Director of Industrial Security
Part 2 —Automation Meets Accountability
Speaker: Senior Manager/Director of Security Governance & Assurance (data & CAP lens)
Part 3 —Running Oversight at the Edge
Speaker: Regional / Division Security Lead (field execution lens)
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 —Designing for Consistency Without Command-and-Control
Speaker: Corporate FSO / Director of Industrial Security
Part 2 —Automation Meets Accountability
Speaker: Senior Manager/Director of Security Governance & Assurance (data & CAP lens)
Part 3 —Running Oversight at the Edge
Speaker: Regional / Division Security Lead (field execution lens)
Part 4 — Moderated Audience Q&A
Core Issue
Maintaining consistent readiness and control across distance and variation, without turning enterprise oversight into rigid command-and-control that breaks trust and slows delivery.
Maintaining consistent readiness and control across distance and variation, without turning enterprise oversight into rigid command-and-control that breaks trust and slows delivery.
Value
Leaders in larger and upper-mid contractors are responsible for readiness and control across multiple sites, programs, and customers—often with limited central staff and wide variation in culture, maturity, and customer expectations. They’re pulled between DCSA and customer oversight on one side and regional/program realities, staffing gaps, and competing priorities on the other. This session platforms operations where multi-site oversight actually works in motion: setting minimums, running governance rhythms, and converting findings into foresight—so leaders can keep control without smothering local teams or becoming the bottleneck.
Leaders in larger and upper-mid contractors are responsible for readiness and control across multiple sites, programs, and customers—often with limited central staff and wide variation in culture, maturity, and customer expectations. They’re pulled between DCSA and customer oversight on one side and regional/program realities, staffing gaps, and competing priorities on the other. This session platforms operations where multi-site oversight actually works in motion: setting minimums, running governance rhythms, and converting findings into foresight—so leaders can keep control without smothering local teams or becoming the bottleneck.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Getting IT, HR, and Program Teams on Board for Sharing the Load
Getting IT, HR and Program Teams on Board for Sharing the Load – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 – Making Shared Accountability Real (Security-led)
Speaker: Corporate FSO / Director of Industrial Security (or equivalent)
Part 2 – Building the HR & Personnel Connection
Speaker: HR / Personnel / People Ops leader with security remit (or PERSEC-aligned HR)
Part 3 – Integrating IT & Cyber Workflows
Speaker: IT / ISSM / Cyber Risk Manager with shared oversight responsibility
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 – Making Shared Accountability Real (Security-led)
Speaker: Corporate FSO / Director of Industrial Security (or equivalent)
Part 2 – Building the HR & Personnel Connection
Speaker: HR / Personnel / People Ops leader with security remit (or PERSEC-aligned HR)
Part 3 – Integrating IT & Cyber Workflows
Speaker: IT / ISSM / Cyber Risk Manager with shared oversight responsibility
Part 4 — Moderated Audience Q&A
Core Issue
Shared responsibility is aspirational, but very often not operational. Security needs practical models for turning collaboration into defined, measured, and documented joint work.
Shared responsibility is aspirational, but very often not operational. Security needs practical models for turning collaboration into defined, measured, and documented joint work.
Value
It’s extremely difficult to be accountable for readiness outcomes when you cannot deliver alone. Critical pieces of the load sit in HR (eligibility, onboarding, self-reporting), IT/cyber (access, CUI controls, incident evidence), and Program operations (gates, execution tempo). When accountability is vague, work lands back on Security, handoffs get dropped, and inspections expose the gaps.
This session platforms enterprise leaders who have designed shared systems of work—SLAs, RACIs, workflows, and governance rhythms—that make readiness a joint obligation across Security, HR, IT, and Program, with evidence to prove it.
It’s difficult to be accountable for readiness outcomes when you have dependencies on others to deliver. Critical pieces of the load sit in HR (eligibility, onboarding, self-reporting), IT/cyber (access, CUI controls, incident evidence), and Program operations (gates, execution tempo). When accountability is vague, work lands back on Security, handoffs get dropped, and inspections expose the gaps.
This session platforms enterprise leaders who have designed shared systems of work—SLAs, RACIs, workflows, and governance rhythms—that make readiness a joint obligation across Security, HR, IT, and Program, with evidence to prove it.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Trusted Workforce at Scale: Managing Continuous Vetting and SEAD-3 Across Thousands
Trusted Workforce at Scale: Managing Continuous Vetting and SEAD-3 Across Thousands – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 –Engineering the Enterprise Trust Framework
Speaker: Corporate PERSEC Director / VP, Industrial Security / Enterprise Trusted Workforce Lead
Part 2 – Wiring Continuous Vetting to SEAD-3 and Insider Threat
Speaker: Senior Governance Lead or Insider Threat Program Manager / ITPSO
Part 3 –Sustaining Performance Under Pressure
Speaker: Security Operations Lead or CV Program Manager (large enterprise or FFRDC)
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 –Engineering the Enterprise Trust Framework
Speaker: Corporate PERSEC Director / VP, Industrial Security / Enterprise Trusted Workforce Lead
Part 2 – Wiring Continuous Vetting to SEAD-3 and Insider Threat
Speaker: Senior Governance Lead or Insider Threat Program Manager / ITPSO
Part 3 –Sustaining Performance Under Pressure
Speaker: Security Operations Lead or CV Program Manager (large enterprise or FFRDC)
Part 4 — Moderated Audience Q&A
Core Issue
Operations leaders in large (and growing) contractors are no longer asking “Do we have CV and SEAD-3?” They need practical models for turning Trusted Workforce from a set of tasks into a living, auditable trust framework.
Operations leaders in large (and growing) contractors are no longer asking “Do we have CV and SEAD-3?” They need practical models for turning Trusted Workforce from a set of tasks into a living, auditable trust framework.
Value
Trusted Workforce reforms are reshaping personnel security oversight, but large enterprises struggle to keep continuous vetting (CV) and SEAD-3 reporting coherent, timely, and provable across thousands of records. This session platforms leaders able to show how mature programs run Trusted Workforce as an operating system—with clear ownership, integrated workflows, and evidence that stands up to inspection.
Trusted Workforce reforms are reshaping personnel security oversight, but large enterprises struggle to keep continuous vetting (CV) and SEAD-3 reporting coherent, timely, and provable across thousands of records. This session platforms leaders able to show how mature programs run Trusted Workforce as an operating system—with clear ownership, integrated workflows, and evidence that stands up to inspection.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Building an Enterprise Evidence COE: Turning Readiness Data into a Living System
Building an Enterprise Evidence COE: Turning Readiness Data into a Living System – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 –Designing the Evidence Framework
Speaker: Corporate Director of Governance, Assurance & Readiness
Part 2 – From Collection to Connection
Speaker: Enterprise Data Systems or Program Analytics Lead
Part 3 –Embedding a Culture of Evidence
Speaker: Enterprise Security Operations or Continuous Improvement Lead
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 –Designing the Evidence Framework
Speaker: Corporate Director of Governance, Assurance & Readiness
Part 2 – From Collection to Connection
Speaker: Enterprise Data Systems or Program Analytics Lead
Part 3 –Embedding a Culture of Evidence
Speaker: Enterprise Security Operations or Continuous Improvement Lead
Part 4 — Moderated Audience Q&A
Core Issue
Readiness data is episodic, not systemic. Security needs a way to treat evidence as a continuous operational asset, not just a by-product of inspections.
Readiness data is episodic, not systemic. Security needs a way to treat evidence as a continuous operational asset, not just a by-product of inspections.
Value
Large and upper-mid contractors generate huge amounts of inspection, audit, and CAP data, but most of it lives in one-off folders, spreadsheets, and people’s heads. Operations teams are expected to demonstrate continuous readiness, yet their evidence environment can be fragmented, fragile, and difficult to explain to DCSA or internal executives.
This session platforms operational leaders who are building Enterprise Evidence Centers of Excellence (COEs)—shared structures that turn scattered artifacts into a living, governed readiness system that can be defended at any moment, not just right before an inspection.
Large and upper-mid contractors generate huge amounts of inspection, audit, and CAP data, but most of it lives in one-off folders, spreadsheets, and people’s heads. Operations teams are expected to demonstrate continuous readiness, yet their evidence environment can be fragmented, fragile, and difficult to explain to DCSA or internal executives.
This session platforms operational leaders who are building Enterprise Evidence Centers of Excellence (COEs)—shared structures that turn scattered artifacts into a living, governed readiness system that can be defended at any moment, not just right before an inspection.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
JML and IAM Integration for Security: Making Access and Readiness Move in Sync
JML and IAM Integration for Security: Making Access and Readiness Move in Sync – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 — Building the Backbone: Designing the Integrated Architecture
Speaker: Enterprise Security/Governance leader who owns the JML–security integration outcome.
Part 2 — Automation Meets Accountability
Speaker: Enterprise IAM/IT Security architect or owner
Part 3 — Readiness in Motion: Operating the Loop
Speaker: Program/FSM-level leader who lives with the results
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 — Building the Backbone: Designing the Integrated Architecture
Speaker: Enterprise Security/Governance leader who owns the JML–security integration outcome.
Part 2 — Automation Meets Accountability
Speaker: Enterprise IAM/IT Security architect or owner
Part 3 — Readiness in Motion: Operating the Loop
Speaker: Program/FSM-level leader who lives with the results
Part 4 — Moderated Audience Q&A
Core Issue
Readiness breaks where systems and owners don’t align. Security needs a practical way to pull JML and IAM into a single, auditable loop that supports mission speed instead of fighting it.
Readiness breaks where systems and owners don’t align. Security needs a practical way to pull JML and IAM into a single, auditable loop that supports mission speed instead of fighting it.
Value
For larger cleared organizations, the biggest readiness risk isn’t just individual mistakes—it’s systemic drift between HR actions, IAM access, PERSEC eligibility, and facility/program controls. When JML (Join–Move–Leave) events don’t translate cleanly into security reality, you get stale access, bad evidence, and painful inspections. This session platforms the operational leaders of mature programs that treat JML + IAM as a readiness system, not an IT project—aligning security, HR, and IT so access, eligibility, and readiness move together and can be defended.
For larger cleared organizations, the biggest readiness risk isn’t just individual mistakes—it’s systemic drift between HR actions, IAM access, PERSEC eligibility, and facility/program controls. When JML (Join–Move–Leave) events don’t translate cleanly into security reality, you get stale access, bad evidence, and painful inspections. This session platforms the operational leaders of mature programs that treat JML + IAM as a readiness system, not an IT project—aligning security, HR, and IT so access, eligibility, and readiness move together and can be defended.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
Strategies to Build and Sustain a High-Performing Security Team
Strategies to Build and Sustain a High-Performing Security Team – 90 Minutes
Format & Speaker Plan
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 — Designing for Performance
Speaker: Director of Industrial Security or Corporate Security Leader
Part 2 — Building Culture and Capability
Speaker: Senior Manager of Security Operations or Learning & Development–aligned Security Leader
Part 3 — Sustaining Excellence Through Change
Speaker: Executive or Program Leader from a Large Contractor or FFRDC
Part 4 — Moderated Audience Q&A
90-minutes • Integrated Discussion Featuring 2-3 Speakers
Part 1 — Designing for Performance
Speaker: Director of Industrial Security or Corporate Security Leader
Part 2 — Building Culture and Capability
Speaker: Senior Manager of Security Operations or Learning & Development–aligned Security Leader
Part 3 — Sustaining Excellence Through Change
Speaker: Executive or Program Leader from a Large Contractor or FFRDC
Part 4 — Moderated Audience Q&A
Core Issue
Leaders know they need teams that can operate at a high level year after year, not just survive the next inspection—where can they get concrete examples of how other security leaders have built and sustained such teams in real cleared environments?
Leaders know they need teams that can operate at a high level year after year, not just survive the next inspection—where can they get concrete examples of how other security leaders have built and sustained such teams in real cleared environments?
Value
Even the best systems, SPPs, and tools won’t hold under inspection if the team running them is stretched, unstable, or misaligned. The pressure is real to deliver compliance, readiness, and cross-functional credibility with teams that are often under-resourced, under-developed, and constantly changing.
This session platforms leaders who’ve put the work into thinking of “high-performing security teams” as an intentional system that sustains performance through turnover, growth, and shifting oversight expectations.
Even the best systems, SPPs, and tools won’t hold under inspection if the team running them is stretched, unstable, or misaligned. The pressure is real to deliver compliance, readiness, and cross-functional credibility with teams that are often under-resourced, under-developed, and constantly changing.
This session platforms leaders who’ve put the work into thinking of “high-performing security teams” as an intentional system that sustains performance through turnover, growth, and shifting oversight expectations.
Potential Takeaways
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
- Making the case, getting started
- Solving, avoiding roadblocks
- Insights and ideas that optimize even mature programs
NSI IMPACT ’26
APRIL 20-22
WESTFIELDS MARRIOTT
CHANTILLY, VA