Information System Security Officer
Lockheed Martin •
Position Type: Permanent
Job Description:
Description:This position requires the candidate to function as the Information System Security Officer (ISSO) for multiple programs and performs as a technical liaison in support of the security standards and requirements relevant to the NIST Risk Management Framework (RMF) Step 1 thru Step 6 for the information systems. The desired candidate will possess a working understanding of the NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations combined with a high degree of technical skills obtained through systems engineering or systems administration. The candidate must have working experience with the development, implementation, and maintenance of either the Linux and/or Microsoft Windows operating systems and supporting applications.
The ISSO is responsible for the oversight of the information system’s security posture with emphasis placed on the application and sustainment of the security controls. In doing so, the primary functions include development and maintenance of the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and Security Controls Traceability Matrix (SCTM) as primary RMF deliverables. The ISSO also performs routine system auditing as well as vulnerability and compliance scanning throughout the entire lifecycle of the system. Development and implementation of relevant security policies and procedures required by assessment and authorization activities also apply based on any of the following guidance directives:
• Intelligence Community Directive 503 (ICD-503)
• DCSA Assessment and Authorization Process Manual (DAAPM)
• National Industrial Security Program Operating Manual (NISPOM Chapter 8)
• Joint Special Access Program (SAP) Implementation Guide (JSIG)
Effective communication is a key attribute within this role. The ISSO provides clear direction and assists programmatic IT and infrastructure support personnel with the application of security patches and secure configurations commensurate with Security Technical Implementation Guides (STIGs). Routine collaboration and consultation with the Information System Security Manager (ISSM) regarding the design, development, integration, and analysis of classified information systems is required. Working knowledge of Industry Standard tools for purposes of audit reduction, vulnerability scanning, and malware analysis is preferred. Relevant tools include but are not limited to: Splunk, Tenable Nessus, Host Based Security System (HBSS) components, Security Content Automation Protocol (SCAP) Checker and STIG viewer.
The ISSO is also a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. In doing so, the ISSO will routinely monitor the applicable security controls assigned to programs and systems using a blend of automated and manual techniques. This ensures that the security controls are: (1) being met and (2) implemented correctly with respect to the environment. Deficiencies and weaknesses identified throughout the process will be reported back to the ISSM.
Primary support activities include:
• Perform routine self-inspection reviews of the information systems.
• Perform comprehensive investigations of computer security incidents and ensuring proper measures are taken post discovery of the incident / event.
• Manage and execute the information security continuous monitoring requirements relevant to the system.
• Oversee the compliance of security settings within operating systems and applications integrated in the classified information systems.
Basic Qualifications:
• Hands on experience with Windows and/or Linux operating systems.
• Final Top-Secret Clearance.
• Security + or equivalent DoD Directive 8570 / 8140 Information Assurance Management Level I – III certification.
• Understanding of the Risk Management Framework (RMF) process & requirements.
• Excellent written and verbal communication skills with an ability to interface with numerous cognizant security agencies, customers, and senior managers.
• Knowledge of other security disciplines and how they impact and interact with information systems security.
Desired Skills:
• Experience working with classified information systems.
• Previous experience supporting SAP / SCI environments.
• Relevant ISSO / ISSE experience within the DoD or Intelligence Community.
• Knowledge of the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards.
• Experience with Security Directives, Policies, Publications and Regulations.
Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.
Clearance Level: Top Secret
Other Important Information You Should Know
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.
Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.
Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.
Schedule for this Position: 4x10 hour day, 3 days off per week
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.
At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the worlds most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.
With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.
If this sounds like a culture you connect with, you’re invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications.
Experience Level: Experienced Professional
Business Unit: RMS
Relocation Available: Possible
Career Area: Cyber Security Governance and Risk Compliance
Type: Full-Time
Shift: First
• Experience working with classified information systems.
• Previous experience supporting SAP / SCI environments.
• Relevant ISSO / ISSE experience within the DoD or Intelligence Community.
• Knowledge of the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and configuration standards.
• Experience with Security Directives, Policies, Publications and Regulations.
Job Ident #:
59722549488
(Job and company information not to be copied, shared, scraped, or otherwise disseminated/distributed without explicit consent of JSfirm, LLC)