Information System Security Manager (ISSM)

Lockheed Martin•King of Prussia, PA

4d•Onsite

About The Position

Lockheed Martin is a pioneer in cyber security—partnering, innovating, and building cutting edge solutions. Our talented employees tackle the world’s toughest engineering challenges every day, leveraging their unique skills and experiences to design and deliver breakthrough technology. We empower our people to think big, perform with excellence, and create extraordinary products. If you have the passion and courage to dream boldly, join our culture and help build a better tomorrow. We provide the resources, inspiration, and focus you need to succeed. At Lockheed Martin Rotary and Mission Systems, we are driven by innovation and integrity. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training, and education. As a cyber security professional at Lockheed Martin, you'll be part of a team that's shaping the future of national security and defense. You'll have the opportunity to work on complex and challenging projects that require expertise in security and compliance. You'll collaborate with cross-functional teams to ensure the secure development, production, and deployment of our products and services. Your contributions will help protect sensitive information and critical assets and support the success of our customers and partners. The ISSM is responsible for the oversight of the information system’s security posture. Emphasis is placed on the application and sustainment of the NIST security controls to ensure cyber security requirements are properly administered throughout the system. The ISSM serves as the principle advisor on all matters, technical and otherwise, related to the security of systems under their purview. Primary functions include development and maintenance of the body of evidence associated with the Risk Management Framework (RMF) process. Effective communication and an ability to work independently are key attributes needed to be successful in this role. The ISSM will frequently interact with internal and external stakeholders, provide cybersecurity oversight and drive compliance standards for the information systems. The ISSM partners with Security Engineers and System Administrators to ensure security patches and secure configurations are in place and functioning properly on the information systems. The ISSM is also a primary stakeholder and helps the ISSOs facilitate the continuous monitoring efforts used to promote RMF compliance throughout the organization. An ability to plan effectively and prioritize projects is a required function of the ISSM role. Our flexible schedules, competitive pay and comprehensive benefits enable you to live a healthy, fulfilling life at work and home. Learn more about Lockheed Martin’s competitive and comprehensive benefits package. We support our employees, so they can support our mission.

Requirements

All candidates must possess a Final Top Secret Clearance w/SCI.
All candidates must possess a DoD 8570 IAM Level II certification or higher (e.g., CASP CE, CISM, CISSP, GSLC, or equivalent).
Demonstrated experience applying and documenting policy and system configurations that satisfy NIST 800-53 Security Control requirements across all Control Families.
Ability to interpret the requirements necessary for the effective implementation of Security Controls. Technologies include but are not limited to Windows, Linux, Virtualization, Network Infrastructure, etc.
Ability to develop and update relevant RMF artifacts such as the System Security Plan (SSP), Plan of Actions and Milestones (POA&M), Security Controls Traceability Matrix (SCTM), as well as the associated security policies and procedures.
Ability to perform continuous monitoring activities using Industry Standard tools such as Tenable Nessus, Security Center, Splunk, ELK, ePO, etc.
Experience leveraging Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards to support system hardening.

Nice To Haves

Experience working with and interpreting Security Directives, Policies, Publications and Regulations (e.g. ICD 503, JSIG, and/or DCSA Assessment and Authorization Guide (DAAG)).
Experience using cybersecurity tools such as Nessus, Splunk, SCAP, HBSS, STIG Viewer to support compliance and monitoring activities
Previous experience supporting SAP / SCI environments as an ISSO / ISSE.

Responsibilities

The ISSM is responsible for the oversight of the information system’s security posture.
Emphasis is placed on the application and sustainment of the NIST security controls to ensure cyber security requirements are properly administered throughout the system.
The ISSM serves as the principle advisor on all matters, technical and otherwise, related to the security of systems under their purview.
Primary functions include development and maintenance of the body of evidence associated with the Risk Management Framework (RMF) process.
The ISSM will frequently interact with internal and external stakeholders, provide cybersecurity oversight and drive compliance standards for the information systems.
The ISSM partners with Security Engineers and System Administrators to ensure security patches and secure configurations are in place and functioning properly on the information systems.
The ISSM is also a primary stakeholder and helps the ISSOs facilitate the continuous monitoring efforts used to promote RMF compliance throughout the organization.
An ability to plan effectively and prioritize projects is a required function of the ISSM role.