Lockheed Martin Information Assurance/Cyber/Risk Management in Virginia Beach, Virginia
Description: At Lockheed Martin Rotary and Mission Systems (RMS), we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach – and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future!
This position will support the following tasks:
1. Develop and maintain cybersecurity documentation to support DoD Information Assurance Certification and Accreditation Process (DIACAP), National Institute of Standards and Technology (NIST) Risk Management
Framework (RMF), and Navy Platform Information Technology (PIT) assessment and approval requirements to achieve an Authority to Operate (ATO) or PIT Risk Approval (PRA).
2. Develop and/or maintain a Plan of Action & Milestones (POA&M) of vulnerability findings for each C&A/A&A/PIT package in Navy eMASS and coordinate actions and milestones to achieve closure of each finding.
3. Monitor the lifecycle of the IT/PIT system to verify the implementation of ongoing vulnerability assessment & remediation efforts in accordance with the system Configuration Management Plan.
4. Review Key Performance Parameters (KPPs) and Key System Attributes (KSAs) of the IT/PIT system and (1) develop applicable cybersecurity test procedures, (2) execute applicable best security practices (e.g. STIGs), and (3) Monitor and implement (as appropriate) policies and guidance from DoD/Navy/NAVSEA to mitigate cybersecurity risk to the system.
5. Collaborate with system engineers, and software developers to ensure that cybersecurity controls are implemented throughout the acquisition lifecycle of the IT/PIT system and documented in eMASS during the C&A/A&A/PRA process to include security control development, implementation, execution and reporting. Additionally, the contractor should apply mitigations to security controls as applicable.
6. Validate the IT/PIT system’s compliance with all applicable IA Controls for an assigned DON system, including developing the appropriate test procedures if necessary, executing the test procedures and documenting the results of security testing in eMASS.
7. Collaborate with system administrators to conduct compliance and vulnerability assessments of IT/PIT systems utilizing automated DOD cybersecurity tools (e.g. Assured Compliance Assessment Solution (ACAS), SCAP Compliance Checker (SCC), and DISA STIG Viewer) throughout the acquisition lifecycle of the system.
8. Collaborate with system administrators to maintain a detailed inventory of all software and hardware components within a C&A/A&A/PRA package for systems prior to and after fielding.
Desired Skills: Although not required, a Navy Validator certification would strengthen a candidates position.
Prior experience with the development and maintenance of cybersecurity documentation to support assessment and approval leading to Authority to Operate (ATO) or PIT Risk Approval (PRA).
Some familiarity with the Risk Management Framework (RMF).
Current Security+ CE and LINUX+ certifications, or the ability to obtain the necessary certs within 6 months of hire.
Must have at a minimum an active Final Secret Clearance.
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.