Lockheed Martin Info Assurance Engineer in Manassas, Virginia
Description: This position is for an Information Assurance Professional in the Rotary & Mission Systems Technical Operations organization, located in Manassas, VA. Information Assurance Engineer will be responsible for designing, developing, and implementing security controls to preserve the confidentiality, integrity and availability of information systems. Assist in successfully integrating security configuration procedures and tools on Linux and Windows platforms. This includes evaluating requirements, selecting/implementing security controls, reviewing installation procedures, conducting verification and validation of test procedures and script changes, tailoring and configuring security controls for specific product use, security assessment plan preparation, test procedure preparation, test execution and reporting, performing security vulnerability assessments using Assured Compliance Assessment Solution (ACAS), and performing SCAP security assessment/configuration. Identify issues and recommend solutions for the integration team, customers, and suppliers.
Act in a supporting role as the technical interface with customers, vendors, suppliers, and internal organization for related issues. Support project schedule management, earned value management, and basis of estimate (BOEs) preparation. Identify technological and functional risks inherent in system functionality, system exposure, and data sensitivity to determine the required security controls. Adhere to IT security guidance specific to the systems in support of federal mandates and system missions. Provide security engineering leadership and expertise in assisting with the development and delivery of security documentation packages consistent with federal requirements, specifically the DOD 8500 series, NIST SP 800-53 and ICD 503. Perform certification and accreditation activities with various government authorities and certification agents to obtain and maintain official Authorization to Operate (ATO) or Interim Authorization to Test on Enterprise and Platform IT (PIT) systems. Participate in architecture, design and code reviews and provide secure coding guidance and input to the software development team.
Perform certification and accreditation activities with various government authorities and certification agents to obtain and maintain official Authorization to Operate (ATO) or Interim Authorization to Test on Enterprise and Platform IT (PIT) systems. Information Assurance Engineer, Sr will provide secure coding guidance and input to the software development team to minimize programmatic vulnerabilities.
1. Minimum of current Secret clearance to start.
2. Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field or master’s degree in software engineering.
3. Experience in RedHat Linux as a power user (i.e., knowledgeable of some UNIX admin commands and functions).
4. Knowledge of remediation methods using various cybersecurity controls for systems and networks.
1. Experience with or knowledge of the Risk Management Framework (RMF) and the DOD Information Assurance Certification & Accreditation Process (DIACAP) methods.
2. Software development experience in Java or C++ and/or system administration experience in RedHat Linux.
3. Experience integrating computing systems into an enterprise environment.
4. Experience using automated static analysis tools along with manual code review.
5. Familiarity with high-performance/cloud computing and storage concepts/technologies (Hadoop, GlusterFS, OpenStack).
6. Knowledge of DBMS and SQL (i.e. Oracle Database, PostgreSQL).
7. Knowledge of Directory Services (i.e. Active Directory and OpenLDAP).
8. Knowledge of Web Servers / Services (i.e. Apache HTTP, Apache Tomcat, Eclipse Jetty) and web applications.
9. Understanding of encryption concepts. Ability to communicate secure coding concepts and identify potential software defects/flaws.
10. Familiarity with using Bash/Shell to produce hardening scripts and workable knowledge of using utilities such as SCAP and ACAS to identify system vulnerabilities.
11. Experience in application and OS hardening using Puppet modules.
12. Risk Management Framework planning and implementation working experience is considered a plus.
13. CISSP certification or the pursuit thereof is a plus.
14. The ability to work independently without much peer guidance.
15. Solid verbal and written communication skills.
16. Ability to obtain a TS/SCI clearance.
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.