Information System Security Manager (Advanced)

Description: In this role, the candidate will function as the Information System Security Manager (ISSM) for multiple programs. The ISSM performs as a technical liaison with oversight of the security standards and requirements relevant to the NIST Risk Management Framework (RMF). The desired candidate will possess a working understanding of the NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations combined with a high degree of technical skills obtained through systems engineering or systems administration. The candidate must have working experience with the development, implementation, and maintenance of the Linux and/or Microsoft Windows operating systems and supporting applications.

Overall, the ISSM is responsible for the oversight of the information system's security posture with emphasis placed on the application and sustainment of the security controls and ensuring the cyber security program is properly administered throughout the program. The ISSM serves as the principle advisor on all matters, technical and otherwise, related to the security of systems under their purview. Primary functions include development and maintenance of the body of evidence associated with the RMF processes. Development and implementation of relevant security policies and procedures required by assessment and authorization activities also apply based on any of the following guidance directives:

• Intelligence Community Directive 503 (ICD-503)

• DCSA Assessment and Authorization Process Manual (DAAPM)

• National Industrial Security Program Operating Manual (NISPOM Chapter 8)

• Joint Special Access Program (SAP) Implementation Guide (JSIG)

Effective communication is a key attribute within this role. The ISSM provides clear direction and assists program management with decision making relevant to the cyber security requirements defined on the contract. Frequent communication with the government Security Control Assessors (SCA) is required to ensure compliance is being met. Routine collaboration and consultation with the Classified Cyber Security Manager regarding the design, development, integration, and analysis of classified information systems is required. The ISSM is also a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization.

Primary support activities include

• Perform routine self-inspection reviews of the information systems.

• Perform comprehensive investigations of computer security incidents and ensuring proper measures are taken post discovery of the incident / event.

• Design, manage and execute the information security continuous monitoring requirements relevant to the system.

• Assist the ISSO(s) with the oversight of the compliance of security settings within operating systems and applications integrated in the classified information systems under the candidate's purview.

• Ensure that configuration management policies and procedures are followed while authorizing the use of hardware / software on an information system and perform assessments of those changes.

• Ensure compliance with current cyber security policies, concepts, and measures when designing, procuring, adopting, and developing a new system.

• Develop and implementing an effective system security education, training, and awareness program.

• Act as a liaison with government agency representatives, such as the Defense Counterintelligence Security Agency (DCSA) Information System Security Professionals (ISSP), Advanced / Special Program Security Control Assessors (SCA), and other external / internal customers.

Basic Qualifications:

• Hands on experience with Windows and/or Linux operating systems.

• Practical application of Security Technical Implementation Guides (STIGs) and experience performing vulnerability analysis.

• Final Top-Secret Clearance w/SCI.

• CISSP, CISM or equivalent DoD Directive 8570 / 8140 Information Assurance Management Level II - III certification.

• Understanding of the Risk Management Framework (RMF) process & requirements.

• Excellent written and verbal communication skills with an ability to interface with numerous cognizant security agencies, customers, and senior managers.

• Knowledge of other security disciplines and how they impact and interact with information systems security.

Desired Skills:

• Experience working with classified information systems.

• Previous experience supporting SAP / SCI environments.

• Relevant ISSM / ISSO / ISSE experience within the cybersecurity career field.

• Knowledge of the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards.

• Experience interpreting Security Directives, Policies, Publications and Regulations and applying those in a practical way for a cybersecurity program.

Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.

Clearance Level: Top Secret

Other Important Information You Should Know

Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.

Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.

Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.

Schedule for this Position: 4x10 hour day, 3 days off per week

Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.

At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.

With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.

If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs , and apply for roles that align with your qualifications.

Experience Level: Experienced Professional

Business Unit: RMS

Relocation Available: Possible

Career Area: Cyber Security Governance and Risk Compliance

Type: Full-Time

Shift: First