Posted today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
King of Prussia, PA (On-Site/Office)
Job Number 714180BR
Description:*** PLEASE NOTE THIS POSITION REQUIRES THE CANDIDATE TO EXPATRIATE FULL TIME TO GUAM FOR 6-12 MONTHS WITH POSSIBILITY OF EXTENSION***
IN ADDITION, THE SELECTED CANDIDATE WILL BE REQUIRED TO ATTEND TRAINING IN KING OF PRUSSIA, PA UPON ONBOARDING.
Who We Are:
Lockheed Martin is a pioneer in cyber security-partnering, innovating, and building cutting edge solutions. Our talented employees tackle the world's toughest engineering challenges every day, leveraging their unique skills and experiences to design and deliver breakthrough technology.
We empower our people to think big, perform with excellence, and create extraordinary products. If you have the passion and courage to dream boldly, join our culture and help build a better tomorrow. We provide the resources, inspiration, and focus you need to succeed.
The Work:
Lockheed Martin's Rotary & Mission Systems (RMS) division is seeking an experienced Information System Security Manager (ISSM) to protect mission critical OCONUS information systems. This role ensures confidentiality, integrity, and availability in line with DoD, NIST, and Lockheed Martin security policies, while providing day to day oversight across the system lifecycle.
The ISSM is responsible for the oversight of the information system's security posture. Emphasis is placed on the application and sustainment of the NIST security controls and ensures cyber security requirements are properly administered throughout the system. The ISSM serves as the principle advisor on all matters, technical and otherwise, related to the security of systems under their purview. Primary functions include development and maintenance of the body of evidence associated with the Risk Management Framework (RMF) process.
Effective communication and an ability to work collaboratively as well as independently are key attributes needed to be successful in this role. Frequent interaction with internal and external stakeholders is required. The ISSM provides clear direction and assists program management with decision making relevant to the cyber security requirements defined on the contract. Frequent communication with the government Security Control Assessor (SCA) is required to ensure compliance is being met. Routine collaboration and consultation with the Classified Cyber Security Manager regarding the design, development, integration, and analysis of classified information systems is required. The ISSM is also a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization.
Key Responsibilities:
Security Oversight & Governance
- Direct day to day security management for classified systems.
- Perform day-to-day information system security operations including auditing the IS and reviewing hardware and software baselines.
- Maintain and update System Security Plans (SSPs), Authorization Packages, and Continuous Monitoring Strategies.
Risk Management & Assessment
- Conduct formal risk assessments, vulnerability analyses, and impact assessments; prioritize remediation actions and track mitigation status.
- Participate in internal/external security audits and inspections.
- Lead the preparation of Authority to Operate (ATO) packages and support periodic re authorizations.
Collaboration & Coordination
- Partner with program managers, engineers, acquisition personnel, and internal/external auditors to embed security controls early in the design and development phases.
- Assist in conducting investigations of computer security violations and incidents, reporting as necessary.
Audit & Compliance
- Facilitate internal and external audits, ensuring timely closure of findings and ongoing compliance with all applicable regulations.
- Ensure configuration management (CM) and IS security documentation is maintained.
Training & Awareness
- Assist the development and delivery of security awareness training.
Basic Qualifications:
All candidates must possess a Final Top Secret Clearance w/SCI.
All candidates must possess a DoD 8570 IAM Level II certification or higher (e.g., CASP CE, CISM, CISSP, GSLC, or equivalent).
Demonstrated experience applying and documenting policy and system configurations that satisfy NIST 800-53 Security Control requirements across all Control Families.
Ability to interpret the requirements necessary for the effective implementation of Security Controls. Technologies include but are not limited to Windows, Linux, Virtualization, Network Infrastructure, etc.
Ability to develop and update relevant RMF artifacts such as the System Security Plan (SSP), Plan of Actions and Milestones (POA&M), Security Controls Traceability Matrix (SCTM), as well as the associated security policies and procedures.
Ability to perform continuous monitoring activities using Industry Standard tools such as Tenable Nessus, Security Center, Splunk, ELK, ePO, etc.
Experience leveraging Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards to support system hardening.
Desired Skills:
Experience working with and interpreting Security Directives, Policies, Publications and Regulations (e.g. ICD 503, JSIG, and/or DCSA Assessment and Authorization Guide (DAAG)).
Experience using cybersecurity tools such as Nessus, Splunk, SCAP, HBSS, STIG Viewer to support compliance and monitoring activities
Previous experience supporting SAP / SCI environments as an ISSM / ISSO.
Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.
Clearance Level: TS/SCI
Other Important Information You Should Know
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.
Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.
Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.
Schedule for this Position: 4x10 hour day, 3 days off per week
Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics.
The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.
At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.
With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.
If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs , and apply for roles that align with your qualifications.
Experience Level: Experienced Professional
Business Unit: RMS
Relocation Available: Possible
Career Area: Cyber Security Governance and Risk Compliance
Type: Full-Time
Shift: First
Description:*** PLEASE NOTE THIS POSITION REQUIRES THE CANDIDATE TO EXPATRIATE FULL TIME TO GUAM FOR 6-12 MONTHS WITH POSSIBILITY OF EXTENSION***
IN ADDITION, THE SELECTED CANDIDATE WILL BE REQUIRED TO ATTEND TRAINING IN KING OF PRUSSIA, PA UPON ONBOARDING.
Who We Are:
Lockheed Martin is a pioneer in cyber security-partnering, innovating, and building cutting edge solutions. Our talented employees tackle the world's toughest engineering challenges every day, leveraging their unique skills and experiences to design and deliver breakthrough technology.
We empower our people to think big, perform with excellence, and create extraordinary products. If you have the passion and courage to dream boldly, join our culture and help build a better tomorrow. We provide the resources, inspiration, and focus you need to succeed.
The Work:
Lockheed Martin's Rotary & Mission Systems (RMS) division is seeking an experienced Information System Security Manager (ISSM) to protect mission critical OCONUS information systems. This role ensures confidentiality, integrity, and availability in line with DoD, NIST, and Lockheed Martin security policies, while providing day to day oversight across the system lifecycle.
The ISSM is responsible for the oversight of the information system's security posture. Emphasis is placed on the application and sustainment of the NIST security controls and ensures cyber security requirements are properly administered throughout the system. The ISSM serves as the principle advisor on all matters, technical and otherwise, related to the security of systems under their purview. Primary functions include development and maintenance of the body of evidence associated with the Risk Management Framework (RMF) process.
Effective communication and an ability to work collaboratively as well as independently are key attributes needed to be successful in this role. Frequent interaction with internal and external stakeholders is required. The ISSM provides clear direction and assists program management with decision making relevant to the cyber security requirements defined on the contract. Frequent communication with the government Security Control Assessor (SCA) is required to ensure compliance is being met. Routine collaboration and consultation with the Classified Cyber Security Manager regarding the design, development, integration, and analysis of classified information systems is required. The ISSM is also a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization.
Key Responsibilities:
Security Oversight & Governance
- Direct day to day security management for classified systems.
- Perform day-to-day information system security operations including auditing the IS and reviewing hardware and software baselines.
- Maintain and update System Security Plans (SSPs), Authorization Packages, and Continuous Monitoring Strategies.
Risk Management & Assessment
- Conduct formal risk assessments, vulnerability analyses, and impact assessments; prioritize remediation actions and track mitigation status.
- Participate in internal/external security audits and inspections.
- Lead the preparation of Authority to Operate (ATO) packages and support periodic re authorizations.
Collaboration & Coordination
- Partner with program managers, engineers, acquisition personnel, and internal/external auditors to embed security controls early in the design and development phases.
- Assist in conducting investigations of computer security violations and incidents, reporting as necessary.
Audit & Compliance
- Facilitate internal and external audits, ensuring timely closure of findings and ongoing compliance with all applicable regulations.
- Ensure configuration management (CM) and IS security documentation is maintained.
Training & Awareness
- Assist the development and delivery of security awareness training.
Basic Qualifications:
All candidates must possess a Final Top Secret Clearance w/SCI.
All candidates must possess a DoD 8570 IAM Level II certification or higher (e.g., CASP CE, CISM, CISSP, GSLC, or equivalent).
Demonstrated experience applying and documenting policy and system configurations that satisfy NIST 800-53 Security Control requirements across all Control Families.
Ability to interpret the requirements necessary for the effective implementation of Security Controls. Technologies include but are not limited to Windows, Linux, Virtualization, Network Infrastructure, etc.
Ability to develop and update relevant RMF artifacts such as the System Security Plan (SSP), Plan of Actions and Milestones (POA&M), Security Controls Traceability Matrix (SCTM), as well as the associated security policies and procedures.
Ability to perform continuous monitoring activities using Industry Standard tools such as Tenable Nessus, Security Center, Splunk, ELK, ePO, etc.
Experience leveraging Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards to support system hardening.
Desired Skills:
Experience working with and interpreting Security Directives, Policies, Publications and Regulations (e.g. ICD 503, JSIG, and/or DCSA Assessment and Authorization Guide (DAAG)).
Experience using cybersecurity tools such as Nessus, Splunk, SCAP, HBSS, STIG Viewer to support compliance and monitoring activities
Previous experience supporting SAP / SCI environments as an ISSM / ISSO.
Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.
Clearance Level: TS/SCI
Other Important Information You Should Know
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.
Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.
Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.
Schedule for this Position: 4x10 hour day, 3 days off per week
Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics.
The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.
At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.
With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.
If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs , and apply for roles that align with your qualifications.
Experience Level: Experienced Professional
Business Unit: RMS
Relocation Available: Possible
Career Area: Cyber Security Governance and Risk Compliance
Type: Full-Time
Shift: First
group id: lckmtncx
We Are Lockheed Martin.
