Manage the implementation of strategic Corporate Information Security programs, ensuring effective cyber security risk management practices, and engaging with business unit members on a wide range of cyber security matters to achieve overall business objectives.

Provide security consultation, direction and guidance to business partners that meet security policy requirements, standards, best practices and reduced risk. Work with Security leadership and key stakeholders to gain risk acceptance on security risk matters when needed. Work with application, technical and business teams to inform and educate on security policies, risks and threats.As part of the Information Security Officer team, function as a Subject Matter Expert (SME) on security… Show more Provide security consultation, direction and guidance to business partners that meet security policy requirements, standards, best practices and reduced risk. Work with Security leadership and key stakeholders to gain risk acceptance on security risk matters when needed. Work with application, technical and business teams to inform and educate on security policies, risks and threats.As part of the Information Security Officer team, function as a Subject Matter Expert (SME) on security frameworks and requirements, utilizing this knowledge to advise business units, support policy development, and conduct risk analysis. ➢ Review new federal and state cybersecurity regulations, providing feedback to Business Operations team and Legal. Based upon analysis, develop recommendations on security controls to address gaps➢ Evaluate business unit implementation of key security frameworks and provide recommendations to address alignment.➢ Perform detailed risk assessments and provide recommendations to the business.➢ Determine if security risk factors exist and help stakeholders understand the risk factors and design compensating controls that meet Corporate Information Security Standards.➢ Collaborate with the core business partners and other security teams to improve controls via creative process design which meet the evolving business needs for customer experience and efficiency.➢ Collaborate and build relationships with key business partners for continued security education and awareness.➢ Provide guidance for new technologies and methodologies as business needs evolve.➢ Assist in cyber events and investigations, including but not limited to, data discovery & analysis and customer notification, as needed.➢ Assist in budget governance processes for the CIS project portfolio, including vendor statement of work and project portfolio oversight. Show less

Providing security solutions in support of Lockheed Martin F-35 program JSF RMF/JSIG Transition Team Supporting F-35 Risk Management Framework (RMF)/Joint Special Access Implementation Guide (JSIG) recertification & accreditation effort

Design, tests, implement state-of-the-are secure operating systems, networks, and database products. Conducts risk assessment and provide recommendations for application design. Provide guidance on a wide range ofsecurity issues including architectures, firewalls, electronic data traffic, and network access. Provide guidance for defining and reviewing security implementation across key areas such as:Developed Flexible Secure Network Environments Layered Network… Show more Design, tests, implement state-of-the-are secure operating systems, networks, and database products. Conducts risk assessment and provide recommendations for application design. Provide guidance on a wide range ofsecurity issues including architectures, firewalls, electronic data traffic, and network access. Provide guidance for defining and reviewing security implementation across key areas such as:Developed Flexible Secure Network Environments Layered Network Security Architectures Mobile Device / Data Protection Assured Identity (AI)Focused on implementing consistent Security Controls throughout Business and Program Lifecycles Enhanced User Awareness (Security and Privacy) Business Process Security (Export Controls) Log Monitoring, Hard Drive Retention Standards, Data Execution Prevention, and CEWL (Critical Environment Watch List)Enhanced the Maturity Models of Security for Existing Environments Environment Vulnerability Scanning (Web, Database, and OS) BA SPOC Audit/ComplianceImproved Information Assurance (IA) and Operation Processes LM Smart Badge Certificates and USG Customer Application Access (PKI, Federated Trust Certificates, and Email Encryption)Developed strong partnerships with internal and external customers Strengthen Relationships between Security and Business Functions Improve Security Awareness with DOD/DIB Partners, and external suppliers Information Security vendor assessment specialist Show less