Kaitlin E. Illidge

Industrial Security Analyst | Facility Security Officer

Overview

Katie Illidge is a trusted authority in cleared contracting compliance, specializing in guiding companies through facility clearance approvals and National Industrial Security Program (NISP) compliance. As an Industrial Security Analyst as well as the Facility Security Officer at Crowell & Moring, she helps contractors navigate complex security regulations, such as DCSA audits, Insider Threat Program development, and implementing Foreign, Ownership, Control, and Influence (FOCI) mitigation agreements. With deep expertise in NISPOM, DFARS, and cybersecurity requirements such as NIST 800-171 and CMMC, she ensures businesses meet federal security standards with confidence. Whether securing a new facility clearance or strengthening over compliance, Katie delivers strategic security solutions that keep contractors mission ready.

Career & Education

    • Department of Defense
      Personnel Security Specialist, Defense Counterintelligence Security Agency, 2013–2014
    • Department of Defense
      Personnel Security Specialist, Defense Counterintelligence Security Agency, 2013–2014
    • Facility Security Officer/Insider Threat Program Director, Crowell & Moring, 2019–Present
    • Industrial Security Consultant, Beast Code, 2015–2016
    • Corporate Security Officer, ROI Defense Associates, 2014–2019
    • PEO Security Specialist, DXC Technology (Formerly CSC), 2009–2013
    • Facility Security Officer/Insider Threat Program Director, Crowell & Moring, 2019–Present
    • Industrial Security Consultant, Beast Code, 2015–2016
    • Corporate Security Officer, ROI Defense Associates, 2014–2019
    • PEO Security Specialist, DXC Technology (Formerly CSC), 2009–2013
    • Wake Forest University, B.A.
    • Wake Forest University, B.A.
    • Member, Crowell & Moring Security Committee
    • National Classification Management Society (NCMS)
    • Security Industry Association (SIA), Certified Security Program Manager (CSPM) Certified, 2024
    • Capital Industrial Security Awareness Council (CISAC)
    • Member, Crowell & Moring Security Committee
    • National Classification Management Society (NCMS)
    • Security Industry Association (SIA), Certified Security Program Manager (CSPM) Certified, 2024
    • Capital Industrial Security Awareness Council (CISAC)

Kaitlin's Insights

Client Alert | 3 min read | 05.16.25

New SF-328 Released and Embedded Guidance Seeks More Information Up Front

On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI)....

Representative Matters

  • Advised a major cloud service through the creation of their cleared subsidiary and FOCI mitigation strategy, to allow their expansion into the federal classified contracts market.
  • Represented and advised a leading supplier of custom radio frequency components in an appeal to an FCL suspension decision. Through strategic policy development and timely mitigating response, successfully obtained FCL reinstatement from DCSA within 30 days.
  • Advised a top global management consulting firm in the development of their organization-wide Insider Threat program.

Kaitlin's Insights

Client Alert | 3 min read | 05.16.25

New SF-328 Released and Embedded Guidance Seeks More Information Up Front

On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI)....

Kaitlin's Insights

Client Alert | 3 min read | 05.16.25

New SF-328 Released and Embedded Guidance Seeks More Information Up Front

On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI)....