Lockheed Martin - Las Vegas, NV
posted 16 days ago
Full-time - Mid Level
Las Vegas, NV
Transportation Equipment Manufacturing
About the position
Join our team of innovative engineers at Lockheed Martin Aeronautics, where we're pushing the boundaries of technology to design and develop cutting-edge air vehicles and aircraft. As a Cyber Systems Security Engineer, you'll play a critical role in ensuring the cyber security of our platforms, from design to implementation. Your expertise will help us create cyber-resilient security design solutions that meet the needs of our customers and protect our systems from emerging threats.
Responsibilities
- Collaborate with cross-functional teams, including other Subject Matter Experts (SMEs), to define, decompose, allocate, and implement cyber security requirements throughout the product development lifecycle
- Participate in working groups, design reviews, and formal artifact reviews to ensure that cyber security is considered early in the design process
- Conduct a range of cyber risk analyses and security assessment methods to identify potential vulnerabilities and threats
- Implement patches and Security Technical Implementation Guides (STIGs) to address cyber vulnerabilities, feature changes, or obsolescence
- Develop documentation for specific installations and configurations necessary to obtain Authorizations to Operate (ATOs) in support of program schedules
- Contribute to and implement Plans of Actions and Milestones (POA&Ms) to mitigate open cyber risks and ensure compliance with security regulations and standards
- Communicate effectively with technical and non-technical stakeholders, including engineering teams, program managers, and customers
- Foster a collaborative and inclusive environment that promotes open communication, itemized planning, and prioritization of tasks to drive efficient execution of objectives
Requirements
- Strong technical background in cyber security, with a focus on system security engineering and risk analysis
- Experience with security frameworks, regulations, and standards, including NIST, DoD, and industry-specific requirements
- Familiarity with security technologies, including firewalls, intrusion detection systems, and encryption
- Excellent problem-solving and analytical skills, with the ability to think critically and creatively
- Strong communication and collaboration skills, with the ability to work effectively with diverse stakeholders
- Ability to work in a fast-paced, dynamic environment with multiple priorities and deadlines
Nice-to-haves
- B.S. degree in a technical discipline such as Computer Science, Computer Engineering, Electrical Engineering, Computer Security, or Information Technology - or equivalent applied experience
- Experience utilizing Joint Special Access Program (SAP) Implementation Guide (JSIG), Committee on National Security Systems Instruction (CNSSI) 1253, and NIST SP 800-37 Risk Management Framework (RMF) to design and harden information systems commensurate with customer needs
- Ownership of, or ability to acquire and maintain, a CAC Card is strongly desired
- Experienced with ACAS software (Nessus and Tenable.SC)
- Ability to troubleshoot ACAS software (Nessus and Tenable.SC)
- Experienced with SCC SCAP tool to conduct compliance assessment
- Ability to troubleshoot SCC SCAP tool
- Have knowledge of Group Policy Management
- STIG experience
- Work alongside software team to find common ground on STIGs
- Experience analyzing, decomposing, and allocating security controls into executable security requirements at the system, sub-system and component level
- Experience with secure software development concepts (e.g. static code analysis, dynamic code analysis, STIG/SRG hardening, etc.) as applied to high-level programming languages (C, C++, Java)
- Experience with engineering change processes and/or configuration control processes
- Extensive experience developing and maintaining core security documentation artifacts for A&A Packages including Security Control Traceability Matrix (SCTM), System Security Plan (SSP) and/or Information Assurance Standard Operating Procedures (IA SOP), Plan of Action & Milestones (POA&M), and Risk Assessment Report (RAR)
- Extensive knowledge of DoD Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
- Background/knowledge working with information systems/environments that utilize the Open Mission Systems (OMS) standard and Universal Command and Control Standards Initiative (UCI) message set
- Expertise/knowledge in both compliance testing and penetration testing methodologies.
- Experience with Real-Time Embedded Operating Systems (e.g. GreenHills INEGRITY, LynxOS, VxWorks, Yocto)
- Experience with Agile project management tools (JIRA, VersionOne, etc.)
- Experience conducting technical trade studies and assessments
- Must be willing to mentor junior-level team members
- Experience with creating and presenting technical information to senior-level executives and customers
- Demonstrated problem-solving and troubleshooting skills
- Proficient technical writing skills
- Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment
- Experience working in an aerospace design environment with exposure to DoD customers and their accrediting authorities.
Benefits
- Flexible work schedules
- Comprehensive benefits investing in your future and security
