Information System Security Manager; ISSM KOP

Overview

Lockheed Martin’s Rotary and Mission Systems (RMS) Classified Cyber Security organization is looking for a Classified Cyber Security Manager who will serve as the on site cyber leader for our classified programs. In this role you will own the day to day security posture of the site’s classified systems and infrastructure, serve as the facility Information Systems Security Manager (ISSM), and provide authoritative guidance on all matters of confidentiality, integrity, and availability.

You will lead a team of cyber professionals, partner with engineering and program leads, and ensure that security governance, risk management, and compliance are embedded into every operational and development activity across the site.

• Own the execution of business enablement initiatives, embedding 21st Century Security into the Classified Cyber program to effectively manage risk while ensuring seamless alignment with customer requirements and successful program execution.
• Leadership and stewardship of Classified Cyber Security Professionals.
• Serve as the ISSM for the site’s classified environment.
• Mentor, train, and develop the cyber talent pool to sustain a high performing, classified cyber security capability.
• Develop, enforce, and continuously improve security policies, standards, and processes that meet DoD, DISA, and RMS requirements.
• Oversee the implementation and validation of security controls, ensuring they are applied consistently across all classified assets.
• Lead risk based assessments, vulnerability management, and incident response activities for the site.
• Provide expert guidance to program and engineering teams on secure architecture, system hardening, and compliance with NIST SP800 53, DISA STIGs, and other applicable frameworks.

• Minimum Final Secret Clearance Required
• Minimum 8+ years of progressive experience in cybersecurity, with at least 3+ years in an ISSM or site leadership role for classified systems.
• Key Responsibilities (listed in description) — see responsibilities section for details.
• Practical experience with industry standard Information Assurance tools required for DCSA system authorizations, including:
• Vulnerability scanning tools (e.g., Tenable)
• Endpoint protection platforms (e.g., Trellix)
• SIEM/auditing solutions (e.g., Splunk)
• Bachelor’s degree from an accredited college in a relevant discipline plus 8+ years of professional cybersecurity experience.
• SME level expertise with authorization package submission tools (e.g., eMASS) leading to successful Authorization to Operate (ATO) and Authority to Connect (ATC).
• Direct experience with the DCSA Assessment and Authorization Guide (DAAG) or the DCSA Assessment and Authorization Process Manual.
• Familiarity with one or more of the following frameworks and guides:
• Joint Special Access Program (SAP) Implementation Guide (JSIG)
• Committee on National Security Systems Instruction (CNSSI)1253
• NIST SP800 37 Risk Management Framework (RMF)
• NIST SP800 53 Security and Privacy Control Requirements.

By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.

Onsite Full-time:
The work associated with this position will be performed onsite at a designated Lockheed Martin facility.