Description:Lockheed Martin Enterprise Information Technology (Enterprise IT) Corporate Information Security (CIS) is seeking an experienced Information Assurance / Security Engineer who also has experience with cloud technologies such as Amazon Web Services (AWS). In this role, you will work with individuals from a variety of technical and functional disciplines to provide guidance on cloud-based solutions that meet overall business needs while also embedding necessary security controls from end-to-end.
Duties of this position will include:
- Performing security evaluations of AWS services to understand the capabilities of the services and hence the security controls that may be required and/or recommended for secure use of the service.
- Engaging on cloud development, deployment, or migration projects to ensure end-to-end security of business solutions.
- Designing and validating security standards, policies, and solutions that align with the dynamic and agile nature of cloud environments.
- Documenting and communicating the security standards, policies, and solutions to allow for quicker and easier adoption.
- Automating security solutions using tools standard in the cloud / DevOps industry.
- Developing governance models for cloud-based solutions including IaaS, PaaS, and SaaS.
Lockheed Martin Corporate Information Security offers a dynamic, fast-paced environment where quick ramp-up and the ability to effectively manage multiple priorities is expected. The ability to work effectively in a virtual team will be required to enable success for the individual in this role and within the team.
LOCATION: Work location can be at any major US LM facility.
CANDIDATES MUST BE ELIGIBLE TO GET A SECURITY CLEARANCE AT SECRET LEVEL AT A MINIMUM.
- Proven ability to interpret security and information protection policies into executable requirements.
- Demonstrated knowledge of a wide range of IT disciplines including software, hardware, network engineering.
- Demonstrated experience in Information Assurance and security engineering principles involving application security, security testing, communications / network security, computer security and other areas of Information Assurance.
- Experience developing or testing web applications or web services.
- Experience performing security risk assessments.
- Proven successful experience interacting with internal customers and project co-workers.
- Proven successful experience interacting with external vendors / suppliers / partners.
- Effective written and oral communication skills.
- Experience following standardized engineering life-cycle processes and tailoring processes when appropriate.
- Knowledge of LM Corporate security policies.
- Current active DoD Secret Security Clearance preferred
- CISSP, CISM or other relevant security certification
- Understanding of OWASP Top 10 Web Application Security Risks and their countermeasures
- Understanding of the SANS Top 25 Most Dangerous Software Errors and their countermeasures
- Experience evaluating the security of SaaS / 3rd party vendors and negotiating enhancements to their practices, when appropriate
- Experience with Cloud technologies
- Experience with solutions in the HR and Health & Wellness domain
- Knowledge of regulatory requirements related to HIPAA, PCI and Privacy
Job ID: 466893BR