Cyber Systems Security Engineer - Level 4

About the position

Join our team of innovative engineers at Lockheed Martin Aeronautics, where we're pushing the boundaries of technology to design and develop cutting-edge air vehicles and aircraft. As a Cyber Systems Security Engineer, you'll play a critical role in ensuring the cyber security of our platforms, from design to implementation. Your expertise will help us create cyber-resilient security design solutions that meet the needs of our customers and protect our systems from emerging threats.

Responsibilities

• Collaborate with cross-functional teams, including other Subject Matter Experts (SMEs), to define, decompose, allocate, and implement cyber security requirements throughout the product development lifecycle
• Participate in working groups, design reviews, and formal artifact reviews to ensure that cyber security is considered early in the design process
• Conduct a range of cyber risk analyses and security assessment methods to identify potential vulnerabilities and threats
• Implement patches and Security Technical Implementation Guides (STIGs) to address cyber vulnerabilities, feature changes, or obsolescence
• Develop documentation for specific installations and configurations necessary to obtain Authorizations to Operate (ATOs) in support of program schedules
• Contribute to and implement Plans of Actions and Milestones (POA&Ms) to mitigate open cyber risks and ensure compliance with security regulations and standards
• Communicate effectively with technical and non-technical stakeholders, including engineering teams, program managers, and customers
• Foster a collaborative and inclusive environment that promotes open communication, itemized planning, and prioritization of tasks to drive efficient execution of objectives

Requirements

• Strong technical background in cyber security, with a focus on system security engineering and risk analysis
• Experience with security frameworks, regulations, and standards, including NIST, DoD, and industry-specific requirements
• Familiarity with security technologies, including firewalls, intrusion detection systems, and encryption
• Excellent problem-solving and analytical skills, with the ability to think critically and creatively
• Strong communication and collaboration skills, with the ability to work effectively with diverse stakeholders
• Ability to work in a fast-paced, dynamic environment with multiple priorities and deadlines

Nice-to-haves

• B.S. degree in a technical discipline such as Computer Science, Computer Engineering, Electrical Engineering, Computer Security, or Information Technology - or equivalent applied experience
• Experience utilizing Joint Special Access Program (SAP) Implementation Guide (JSIG), Committee on National Security Systems Instruction (CNSSI) 1253, and NIST SP 800-37 Risk Management Framework (RMF) to design and harden information systems commensurate with customer needs
• Ownership of, or ability to acquire and maintain, a CAC Card is strongly desired
• Experienced with ACAS software (Nessus and Tenable.SC)
• Ability to troubleshoot ACAS software (Nessus and Tenable.SC)
• Experienced with SCC SCAP tool to conduct compliance assessment
• Ability to troubleshoot SCC SCAP tool
• Have knowledge of Group Policy Management
• STIG experience
• Work alongside software team to find common ground on STIGs
• Experience analyzing, decomposing, and allocating security controls into executable security requirements at the system, sub-system and component level
• Experience with secure software development concepts (e.g. static code analysis, dynamic code analysis, STIG/SRG hardening, etc.) as applied to high-level programming languages (C, C++, Java)
• Experience with engineering change processes and/or configuration control processes
• Extensive experience developing and maintaining core security documentation artifacts for A&A Packages including Security Control Traceability Matrix (SCTM), System Security Plan (SSP) and/or Information Assurance Standard Operating Procedures (IA SOP), Plan of Action & Milestones (POA&M), and Risk Assessment Report (RAR)
• Extensive knowledge of DoD Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
• Background/knowledge working with information systems/environments that utilize the Open Mission Systems (OMS) standard and Universal Command and Control Standards Initiative (UCI) message set
• Expertise/knowledge in both compliance testing and penetration testing methodologies.
• Experience with Real-Time Embedded Operating Systems (e.g. GreenHills INEGRITY, LynxOS, VxWorks, Yocto)
• Experience with Agile project management tools (JIRA, VersionOne, etc.)
• Experience conducting technical trade studies and assessments
• Must be willing to mentor junior-level team members
• Experience with creating and presenting technical information to senior-level executives and customers
• Demonstrated problem-solving and troubleshooting skills
• Proficient technical writing skills
• Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment
• Experience working in an aerospace design environment with exposure to DoD customers and their accrediting authorities.

Benefits

• Flexible work schedules
• Comprehensive benefits investing in your future and security