F-35 Information System Security Manager - MCAS Yuma

Lockheed Martin•Yuma, AZ

9d•Onsite

About The Position

Lockheed Martin’s, Rotary & Mission Systems (LM RMS), F-35 Cyber Security invites you to step up to one of today’s most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a cybersecurity professional at Lockheed Martin, you’ll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you’ll work alongside other cybersecurity experts, related departments, and military members to support their military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you’ll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This Information System Security Manager (ISSM) position is responsible for the F-35 cybersecurity program at MCAS Yuma and leads the Information System Security Officer(s) (ISSO) in developing, maintaining, and overseeing the cybersecurity of assigned classified and/or unclassified F-35 systems. Assigned systems may vary in classification, capabilities, and complexity. Mission requirements may require other than first-shift work and additional responsibilities as assigned. Who we are: Lockheed Martin is a Cyber Security pioneer, partner, innovator, and builder. In support of our many customers, the amazing members of our team are responsible for providing all aspects of cybersecurity support in a complex environment. In a rapidly growing enterprise, this role offers the opportunity to grow and hone the unique skills and experiences required as a cybersecurity expert to create, design, and build solutions to some of the world’s hardest engineering problems.

Requirements

Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program.
Ability to obtain and maintain Special Access Program (SAP) access.
Possess a valid certification that meets or exceeds DoD 8570.01-M IAM II requirements. Meets: CASP+ CE, CGRC, CISM, CISSP (or Assc), GSLC, CCISO, HCISPP
Prior experience in a cyber workforce role, as categorized by the NICE or DoD workforce frameworks.
Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role on one or more F-35 information systems.
Prior experience ensuring compliance with applicable laws, regulations, guidance and policies as they relate to DoD cybersecurity and SAPs (e.g., DoDI 8510.01, JSIG, DoDM 5205.07, NIST SP 800 series).
Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs).

Responsibilities

Developing and maintaining the site’s F-35 cybersecurity program for assigned systems.
Leading and managing assigned ISSO(s) in successful execution of the site’s F-35 cybersecurity program, to include assuming responsibilities of the ISSO(s) in their absence.
Ensuring all applicable cybersecurity policy, plans and procedures are followed.
Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems.
Developing and maintaining cybersecurity related plans, procedures and guidance.
Monitoring and recognizing non-compliance, suspicious and anomalous activity (i.e., threats), and effectively reporting such activity and associated risks to the appropriate parties.
Ensuring plans of actions and milestones or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, required corrective actions.
Conducting role-based cybersecurity training for assigned users.
Creating, collecting and retaining data to meet reporting requirements.
Monitoring and correlating data (e.g., logs, events, activity, etc.) from a variety of sources (e.g., Splunk, ELA, ePO, ESS, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance.
Investigating, analyzing and responding to cyber events, incidents and non-compliance, to include trend analysis, assembling detailed written reports and briefing the appropriate parties.
Identifying, implementing, and enforcing overall security requirements for the proper handling and storage of Government data and electronic media.
Conducting self-inspections and preparing for customer inspections.
Communicating and interacting professionally during the enforcement of security policy and procedures.