Classified Cyber Security Staff

Lockheed Martin•Liverpool, NY

1d•Onsite

About The Position

At Lockheed Martin Rotary and Mission Systems, we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training, and education. Lockheed Martin Rotary and Mission Systems (RMS) safeguards the nation’s most sensitive data and war fighting capabilities. As a senior member of the Classified Cyber Security Staff (Level 4) you will work side by side with the Information System Security Manager (ISSM), cyber experts, military operators, and program teams to advise on design and architecture for continuous monitoring, risk based security, and supply chain assurance across our Syracuse, NY programs. Your mission is to embed robust security controls directly into the development, build, and deployment processes so that the environment remains protected without manual admin intervention.

Requirements

Active Secret security clearance.
DoD 8570/8140 IAT Level II certification (e.g., Security+ CE, CySA+, CCNA Security, CND).
Ability to work independently with leadership direction and able to build and maintain effective team and customer relationships.
Strong technical root cause analysis skills with a track record of developing corrective actions, policies, and procedures to resolve discrepancies.
Experience conducting risk and vulnerability assessments in line with applicable regulations, such as the DCSA Assessment and Authorization Guide (DAAG), National Industrial Security Program Operating Manual (NISPOM), NIST Special Publication (SP) 800-53, and various DISA Security Technical Implementation Guides (STIGs)
Proven hands on experience with industry standard cybersecurity tools, including vulnerability scanners (e.g., Tenable), Security Incident and Event Management (SIEM) and auditing platforms (e.g., Splunk), endpoint protection solutions (e.g., Trellix), and package submission tools (e.g., eMASS, XACTA)

Nice To Haves

DoD 8570/8140 IAM Level II certification (e.g., CISSP, CISM, CASP+/SecurityX).
In depth knowledge of the NISPOM and the DAAG.
Familiarity with key security frameworks and guidelines, including the Joint Special Access Program (JSIG) Implementation Guide, CNSSI 1253, and NIST SP 800 37 (Risk Management Framework)
Bachelor’s degree from an accredited institution in a relevant discipline, supplemented by 8 + years of professional experience in the field.

Responsibilities

Holistic risk orchestration – Seek unified solutions for aggregated data from all cyber tools into a single risk view across programs wherever able.
Continuous monitoring architecture – Design end to end monitoring (Splunk, Qmulos) to normalize security events from classified hosts, networks, and applications.
Security as code pipelines – Automate security checks (config compliance, vulnerability scans, integrity verification) in CI/CD with Ansible and ePO.
Vulnerability scanning – Integrate Nessus scans; automate scheduling, parsing, and remediation tracking.
Application & hardware whitelisting – Define approved software and hardware baselines; embed validation into build and procurement pipelines.
Q Compliance – Automate control mapping/reporting (NIST 800 53, DoD 8500, CNSSI 1253) and generate evidence for DCSA, DAAPM.
Ivanti SSCM – Manage configuration baselines and patch deployment; produce audit ready records.
Supply chain risk reviews – Work with the CI Review Team to assess acquisitions, evaluate supplier artifacts, and recommend mitigations.
Advanced risk assessments – Conduct threat modeling, attack surface analysis, and RMF assessments; translate findings into codified architectural improvements.
Metrics & dashboards – Define KPIs/KRIs and publish executive dashboards (e.g., Splunk) to drive continuous improvement.
Threat hunting – Use analytics to uncover hidden activity; refine detection rules and automated response playbooks.
Security control design – Engineer network segmentation, DLP, Trellix endpoint protection, and encryption; verify via automated testing and reviews.
Compliance coordination – Ensure monitoring meets RMF, NIST 800 137; prepare evidence for oversight bodies.
Incident response automation – Create run books and orchestration scripts to reduce MTTD and MTTR for classified incidents.
Stakeholder collaboration – Primary technical liaison for security reviews, ATO sustainment, and joint exercises; brief leadership.
Knowledge base maintenance – Author and update SSPs, SOPs, and policy artifacts reflecting current capabilities.
Mentorship & SETA – Provide SETA training on monitoring, threat hunting, whitelisting, and ATT&CK; guide junior staff.
Reporting – Issue status reports, risk analyses, and executive summaries.
Other classified cybersecurity duties as assigned.