Classified Cyber Security Sr​/ISSO​/Ocala

Description

Lockheed Martin MFC is also embarking on a transformational journey – destination the future. Digital Transformation (DT) is Lockheed Martin’s path to the future with its interconnected environment where data becomes information and information drives decisions that create value across the entire lifecycle. This includes how our workforce will operate, as well. To help us along this journey MFC is seeking a qualified candidate for the position of Workforce Programs Lead.

We’re looking for someone with passion and enthusiasm in leading us on programs to build and enable the future workforce. This position can be summarized in this way. Classified Cybersecurity helps secure lifesaving products and critical state-of-the‑art engineering and manufacturing systems by applying cutting‑edge cybersecurity principles. Rising to the challenge of building a more secure world for the warfighter, space exploration, climate sustainability and commercial use.

The Cybersecurity will partner with the security team, program, and government customers to perform as an Information Systems Security Officer (ISSO) in Ocala.

As the ISSO, you will be responsible for overseeing day‑to‑day information system security operations, ensuring compliance with internal and customer security requirements, and maintaining the security and integrity of our systems.

• Oversee day‑to‑day information system security operations including auditing the information system, hardware, and software implementations and RMF package authorizations.
• Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF).
• Upkeep, monitor, analyze, and respond to network and security events.
• Document compliance actions with the ISSM to address non‑compliance in the allotted time frame.
• Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices.
• Participate in internal/external security audits/inspections; perform risk assessments.
• Ensure records are maintained for workstations, software, servers, routers, firewalls, network switches, telephony equipment, etc. throughout the information system’s life cycle.
• Evaluate proposed changes or additions to the information system, and advise the ISSM of their security relevance.
• Ensure configuration management (CM) for security relevant IS software, hardware, and firmware is maintained and documented.
• Assist in conducting investigations of computer security violations and incidents, reporting as necessary.
• Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered.
• Communicate, implement and manage a formal Information Security / Information Systems Security Program together with ISSM and Program Security.

• Ability to obtain and maintain a Secret clearance (Interim Secret required to start).
• Bachelor’s degree in Cybersecurity (or related discipline) or similar experience.
• DoD 8570/8140 IAT Level II baseline certification (CCNA
  - Security, CySA+ *, GICSP, GSEC, Security+ CE, CND, SSCP) or ability to obtain within 6 months of employment.
• Experience with developing, reviewing, and maintaining RMF artifacts.
• Experience with classified information system auditing and investigations.

• Collateral: previous experience supporting classified information systems; SAP:
  Previous experience supporting SAP/SCI classified information systems.
• Knowledge of system accreditation requirements and NIST 800‑53 (DAAG/JSIG) RMF implementation.
• Experience implementing/validating STIG application, system hardening, analysis, and vulnerability management.
• Knowledge of other security disciplines and how they impact and interact with information system security.
• Demonstrated technical experience in Windows, Linux operating systems and command line use.
• Demonstrated technical experience with industry standard Information Assurance tools (Splunk, Nessus/Tenable/ACAS, STIGViewer/SCAP Compliance Checker/eSTIG, McAfee ePO, McAfee DLP).
• Understanding of network concepts and Type 1 encryption devices,…