Lockheed Martin RMF Information Systems Security Manager (ISSM) / Moorestown, NJ in Moorestown, New Jersey
At Lockheed Martin Rotary and Mission Systems (RMS), we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach – and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future!
Will perform as an Risk Management Framework (RMF) Information Systems Security Manager (ISSM)) dedicated to program with DSS authorization under NISPOM or Navy authorization under JSIG or DIACAP. Dutes include, but are not limited to the following: In close coordination with the Information Systems Security Officer (if assigned), employ detailed knowledge and expertise required to manage the cybersecurity aspects of the computing environment, to include day-to-day security operations and monitoring a system and its operational environment. Develop and update the system security plan (SSP), managing and controlling changes to the system, and assessing the security impact of those changes. Coordinates, implements and monitors Information System Security controls such as policies and procedures plus technical configurations, in accordance with Risk Management Framework per the Joint Special Access Program Implementation Guide and/or National Institute of Standards and Technology (NIST) publications, National Industrial Security Program Operating Manual (NISPOM), Defense Information Systems Agency (DISA) Security Technical Information Guides (STIG), and other DoD issuances.
Prepare security plans, procedures and other artifacts in accordance with company and government standards. Evaluate information technology security mechanisms and processes against corporate and government regulations to include assessment or certification of technical configurations, consulting as required with information technology architects, administrators, and functional experts who are responsible to accomplish the engineering, design, operation and hands-on implementation of computing environments.
Under general guidance from management, collaborate with other business unit and Corporate staff in Security, IT, and line business organizations to develop and implement efficient and appropriate technology, user training, processes, procedures, and compliance programs that are integrated seamlessly with day-to-day operations of complex and large-scale computing infrastructure.
As needed, perform day-to-day operations, such as review of audit logs and continuous monitoring tools for IT systems to identify anomalies, hacking, or insider threats. Work with peers in related Security disciplines to develop, coordinate, publish, and maintain a common body of training materials, standards, directives, policies and procedures to enhance the local security program protecting classified and sensitive information. Build strong relationships with Program Managers, within the Security organization and IT staff to hone best practices and drive consistency. Train and consult with fellow ISSMs, plus ISSOs and IT support who accomplish day-to-day tasks involved with administering and operating information systems. Accomplish assessment and authorization support tasks, additionally develop and implement information security procedures for the operation of multiple networked and standalone computers to ensure program information confidentiality, integrity, and availability. Perform compliance audits, participate in incident handling and lead or assist investigations into security anomalies.
On occasion, work extended hours (other than normal business hours) to support contractual requirements to meet customer needs. Accomplish other duties as assigned.
Basic Qualifications Secret clearance or higher. Knowledge of, or experience with Joint Special Access Program Implementation Guide (JSIG) Risk Management Framework (RMF) and continuous monitoring implementation, along with working knowledge of Windows, UNIX and Linux operating systems in a compliance role. Demonstrated experience as Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), Information Assurance Manager (IAM), Information Assurance Officer (IAO), or equivalent. At least one certification that qualifies under per DoDD 8570 at level 1 IAM such as: Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), Security+, Network+, SANS GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM). Experience completing System Security Plans per the JSIG RMF, National Industrial Security Operating Manual (NISPOM), Joint Air Force Army Navy (JAFAN) 6-3 or similar. Well-developed communication skills, including speaking and writing.
Desired skills Knowledge of, or experience with "mobile systems" under DSS authorization and/or test event plans supported with transportation of systems under JSIG, ideally with Navy afloat or shore locations. At least one certification that qualifies under per DoDD 8570 at level 2 IAM such as: Certified Authorization Professional (CAP), Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), GIAC Security Leadership (GSLC). Ability to work effectively with others, establishing or following common processes and procedures, demonstrating creativity and contributions to a larger organization. Technical, organizational, project lead and incident handling skills; familiarity with Defense Security Service (DSS), 800 Series NIST, NISPOM, US Department of Defense Cybersecurity, Information Security or Information Assurance compliance programs. Equivalent experience or knowledge of systems operating under DSS, NAVY or JSIG guidelines. Experience with administrative methods and security-type tasks, such as tasks listed in the Job Description section. Functional skills at the “power user” level with UNIX (Sun, HP, Linux) and Windows Operating systems. Experience with classified "mobile systems" such as transportation plans, and associated package submissions.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Job Location(s): Moorestown New Jersey