Information Systems Security Officer
King of Prussia, Pennsylvania
Lockheed Martin is the leader of cyber security defense, cyber operations and sensitive data protection. We employ the world's best cyber minds from diverse fields – people who are passionate about and empowered by our customers' missions. Lockheed Martin's best-in-cyber teams are experts in thinking like the enemy – identifying adversary activity and anticipating advanced persistent threats to strengthen platform defenses, inside and out of our networks.
Our Commitment to Sustainability: We foster innovation, integrity and security to preserve the environment, strengthen diverse communities and propel growth.
Here, the possibilities are endless because we offer:
- Full Time
- Level: Entry, Mid, Senior
- Travel: Minimal, dependent on role
What does a successful Cyber Security employee at Lockheed Martin look like?
Check out the info below to see if you have what it takes.
Advancing technologies and out of the box thinking that enable cyber operations, resulting in inventing solutions that will keep us safe today and into the future.
Natural curiosity is an absolutely essential trait. Curiosity leads to continual learning which allows you to stay one step ahead of the threat.
The ability to anticipate hackers’ intent and disrupt their next move is key. Seeking out new weaknesses before they become weaknesses. Proactively learning and updating systems is how we stay ahead of the threat.
We have hard problems to solve and we look for people who thrive at solving them, who can see problems from both the defensive and offensive sides.
Whatever you know today could be different tomorrow as security is constantly changing. Possessing strong technical skills and intellectual depth along with a willingness to continually learn from others is important to adapt to and address the Advanced Persistent Threat.
The ability to analyze and disseminate threat intelligence. The ability to analyze and address the root cause, learn from the attack and anticipate the hacker’s next move.
“Cyber is the most exciting career field! Every day, there's new cyber threat information that we leverage to shape our courses of action when identifying, assessing, developing, integrating, and continuously evaluating the effectiveness of defensive measures.”Dr. Dawn B., Senior Fellow
Medical, Dental and Vision coverage is available for employees who opt-in.
Our 401(k) plan features generous matching and company contributions.
We support our employees through mentoring, internal & external educational programs, networking, skills enhancement and career-building programs, funding for cyber certifications.
Maternity and Paternity Leave
Our generous parental leave policies support your journey into parenthood. When you return to work, our facilities offer mother's rooms to support your transition and work/life balance.
Paid Time Off
We offer PTO, paid holidays and paid time off for jury duty and military obligations.
Depending on the position, we offer flexible work schedules.
Information Systems Security Officer
King of Prussia, Pennsylvania
This position requires the candidate to function as the Information Systems Security Officer (ISSO) for multiple programs and performs as a technical liaison in support of the security standards and requirements relevant to the NIST Risk Management Framework (RMF) Step 1 thru Step 6 for the information systems. The desired candidate will possess a working understanding of the NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations combined with a high degree of technical skills obtained through systems engineering or systems administration. The candidate must have working experience with the development, implementation, and maintenance of either the Linux and/or Microsoft Windows operating systems and supporting applications.
The ISSO is responsible for the oversight of the information system’s security posture with emphasis placed on the application and sustainment of the security controls. In doing so, the primary functions include development and maintenance of the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and Security Controls Traceability Matrix (SCTM) as primary RMF deliverables. The ISSO also performs routine system auditing as well as vulnerability and compliance scanning throughout the entire lifecycle of the system. Development and implementation of relevant security policies and procedures required by assessment and authorization activities also apply based on any of the following guidance directives:
• Intelligence Community Directive 503 (ICD-503)
• DCSA Assessment and Authorization Process Manual (DAAPM)
• National Industrial Security Program Operating Manual (NISPOM Chapter 8)
• Joint Special Access Program (SAP) Implementation Guide (JSIG)
Effective communication is a key attribute within this role. The ISSO provides clear direction and assists programmatic IT and infrastructure support personnel with the application of security patches and secure configurations commensurate with Security Technical Implementation Guides (STIGs). Routine collaboration and consultation with the Information Systems Security Manager (ISSM) regarding the design, development, integration, and analysis of classified information systems is required. Working knowledge of Industry Standard tools for purposes of audit reduction, vulnerability scanning, and malware analysis is preferred. Relevant tools include but are not limited to: Splunk, Tenable Nessus, Host Based Security System (HBSS) components, Security Content Automation Protocol (SCAP) Checker and STIG viewer.
The ISSO is also a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. In doing so, the ISSO will routinely monitor the applicable security controls assigned to programs and systems using a blend of automated and manual techniques. This ensures that the security controls are: (1) being met and (2) implemented correctly with respect to the environment. Deficiencies and weaknesses identified throughout the process will be reported back to the ISSM.
Primary support activities include:
• Perform routine self-inspection reviews of the information systems.
• Perform comprehensive investigations of computer security incidents and ensuring proper measures are taken post discovery of the incident / event.
• Manage and execute the information security continuous monitoring requirements relevant to the system.
• Oversee the compliance of security settings within operating systems and applications integrated in the classified information systems under the candidate’s purview.
• Hands on experience with Windows and/or Linux operating systems.
• Final Top-Secret Clearance.
• Security + or equivalent DoD Directive 8570 / 8140 Information Assurance Management Level I – III certification.
• Understanding of the Risk Management Framework (RMF) process & requirements.
• Knowledge of other security disciplines and how they impact and interact with information systems security.
• Experience working with classified information systems.
• Previous experience supporting SAP / SCI environments.
• Relevant ISSO / ISSE experience within the DoD or Intelligence Community.
• Knowledge of the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards.
• Experience with Security Directives, Policies, Publications and Regulations.
• Excellent written and verbal communication skills with an ability to interface with numerous cognizant security agencies, customers, and senior managers. Other Important Information You Should Know Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.Schedule for this Position: 4x10 hour day, 3 days off per weekSecurity Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.Clearance Level: Top Secret with an investigation within 5 years Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Join us at Lockheed Martin, where your mission is ours. Our customers tackle the hardest missions. Those that demand extraordinary amounts of courage, resilience and precision. They’re dangerous. Critical. Sometimes they even provide an opportunity to change the world and save lives. Those are the missions we care about.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.Experience Level: Experienced ProfessionalBusiness Unit: RMSRelocation Available: PossibleCareer Area: Cyber Security Governance and Risk Compliance Type: Full-Time Shift: First
Together, Let's Change The World For The Better.
From green energy to aerospace, there are so many ways you can make a difference with us.