People of Lockheed Martin: Meet Cyber Experts

Name: Tom

Years at Lockheed Martin: 25

Current Position: Fellow of Cyber Security

Day-to-day Responsibilities: Deputy Technical Director for the National Cyber Range.

What advice would you give students coming out of college today who are interested in cyber careers?
Keep these discriminators in mind:
What cyber coursework have you taken? The more the better – Intro to cyber; Forensics; Network Security; Encryption; etc.
Are you involved in cyber clubs or activities such as Hack@UCF, capture the flag events, attending cyber conferences? If not, be sure to start.
Did you get any certifications while in school such as Security+, Linux+, CCNA, etc? Again, the more the better.

What inspired you to choose the cyber field?
I saw cyber as “the next big thing” back in the mid-2000s. It was fresh and exciting, and great place to learn. It was a great time to get ahead and become an expert in an area that really had no experts yet. It was a natural extension of what I already was involved with such as computers and networks so it made sense to pivot at that time. And I’ve never looked back. 

Can you tell us about your journey to becoming a cyber professional?
I started as a network engineer back in the late 90s. “Cyber” was mainly first born out of protecting the perimeter so it became a network responsibility and the term network security was born. From there it grew into computers and software and then the whole system now has to be ‘cyber aware.’ Being cyber aware is understanding what threats are around you and taking the right steps to prevent them. So, it was an evolution over 10+ years before any of us realized we became cyber engineers.

How have the certifications you’ve obtained help shape your career?
For my position, I had to get my Certified Information Systems Security Professional (CISSP) certification and that helped focus my direction into cyber architectures.

Are there any cyber-related activities that you participate in outside of work?
Yes. I volunteer for the (ISC)2 Central Florida Chapter which is a cyber professional society. We meet monthly and offer the community topics and training to keep everyone aware of current trends and technologies. I also volunteer for the Center for Cyber Safety and Education. Their mission is to mainly teach school children about online and personal cyber safety. Last year we taught over 6,500 fourth graders in the central Florida area for Cyber Safety Day Orlando!

Name: Sharif, PhD

Years at Lockheed Martin: Almost 20

Current Position: Cyber Test Exploitation Sr Manager

Day-to-day Responsibilities: Managing a bright and highly technical advanced team, which conducts cyber exploitation and testing via emulating the cyber adversary. Our scope of work includes the Lockheed Martin enterprise, the Department of Defense (DoD) National Cyber Range, and working side-by-side with several DoD Red Teams on many of the DoD products we produce such as F-35.

What advice would you give students coming out of college today who are interested in cyber careers?
Cyber has many unique areas to dive into. Try to take a stab at what area you think you may want to try and prepare yourself by having the right technical foundation and researching the focus area. If you jump into cyber and do not particularly like what you are doing, try another slice of the pie. Policy/governance, incidents response and defense, testing, engineering, architecture, access controls, vulnerability analysis, forensics, and many more.

What inspired you to choose the cyber field?
It really boils down to knowing what a computing device is supposed to do and what it can actually do. Being a computer nerd since I was 10, I was fascinated first by how technology communicated. I dove into how computers communicated and what sorts of things they can do over a network. This led me to figuring out how could I make the computer communicate in ways they were not supposed to. Eventually, this extended into other areas such as operating systems, applications, bulletin board systems, etc. The rest is history.  

Can you tell us about your journey to becoming a cyber professional?
I started working in cyber before that was even a used term. One of my first assignments was conducting some of the first vulnerability scans across Lockheed Martin. I was fascinated at just how easy it was to manipulate a computing device causing it to perform tasks not intended. This led to the creation of the security testing team (eventually Red Team) in subsequent years.

How have the certifications you’ve obtained help shape your career?
There really were not many cyber related certifications when I was first working computer security. I did take the Certified Ethical Hacker (CEH) certification in 2005 and it further confirmed my interest in cyber exploitation and testing.

Are there any cyber related activities that you participate in outside of work?
Any STEM-related activity that helps draw interest into the next generation of cyber professionals. As a University of Central Florida alumnus (I received two of my degrees from UCF), I have participated/presented on cyber related activities at UCF. I’ve also worked with the university on possible LM/UCF cyber opportunities.  

Name: Jose

Years at Lockheed Martin: 12

Current Position: Cyber Architect Manager

Day-to-day Responsibilities: Performing threat/risk assessments, reviewing cyber requirements, architecture and design; standing up software assurance/DevSecOps practices in the software development pipelines.

What advice would you give students coming out of college today who are interested in cyber careers?
Never lose your passion for learning. This is true for many professions, but especially so in cyber security. Whether you get into forensics, enterprise security, data analytics, penetration testing or any of the other many cyber professions, only knowing your role limits what you are capable of. You should always strive to expand your knowledge and ability, and it will almost certainly impact your future in a very positive way.

What inspired you to choose the cyber field?
The vast depth of highly technical knowledge to learn, the challenging and increasingly clever competitions, the welcoming and supportiveness of the security community, and the impact this knowledge was having on my job were more than enough reasons for me.

Can you tell us about your journey to becoming a cyber professional?
In 2012, I was asked to introduce a network to a legacy system that had not previously had cyber requirements. It was obvious that doing this would have cyber impacts, but I knew I would need to learn cybersecurity in order to ensure I was protecting the system adequately. I took a class, which led to several more, and I spent a ton of time researching and experimenting after work and on weekends.  

How have the certifications you’ve obtained help shape your career?
I’ve pursued five certifications now, and none have really changed my course. I developed a passion for cybersecurity and have had anti-tamper assignments. The two build off the same foundational knowledge and there is a good amount of overlap. The difference is really in the focus and intent.

Are there any Cyber related activities that you participate in outside of work?
I am a staff member for Bsides Orlando, member of the Orlando chapter of (ISC)2, and frequently attend DC407 and CitrusSec. I still enjoy doing boxes on hack the box (HTB), or random capture the flag (CTF) from time to time when I can make time.

Are you interested in joining the Lockheed Martin Cyber team? If so, a career at Lockheed Martin might be for you.