Information Systems Security Manager_

Lexington

The Security Services Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a diverse and inclusive culture where security professionals from a wide range of backgrounds are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.

Who are we?

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security. * Mission - The Security Services Department’s (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats. * Culture – We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds.

What will you do?

Be responsible for maintaining the overall system security posture of several MIT Lincoln Laboratory programs, as well as the implementation of the DoD Risk Management Framework (RMF) within assigned areas of responsibility.

+ Oversee the cybersecurity program, to include policies and procedures for assigned areas of responsibility.

+ Develop and maintain System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.

+ Conduct security-focused configuration management activities for classified systems and networks in a variety of traditional, virtual, and cloud-based environments.

+ Ensure system information is protected while operated, maintained, and disposed of in accordance with organization security policies and procedures.

+ Ensure measures are taken to report, respond, and remediate security incidents and spillages.

+ Advise system owners of current cybersecurity policies and concepts when designing, procuring, adopting, and developing systems throughout the system life cycle.

+ Ensure audit records are collected and analyzed in accordance with the SSP.

+ Lead efforts to conduct network, system, and application vulnerability scanning, configuration assessment, risk assessment, continuous monitoring, and remediation.

+ Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.

+ Implement an effective IS security education, training, and awareness program, to include providing training.

+ Lead efforts to prepare for and participate in periodic organization compliance assessments.

+ Provide account management oversight, and ensure related documentation is complete and updated.

+ Serve as a voting member of the Configuration Control Board (CCB).

+ Manage the daily workload and operations of ISSOs in area of responsibility.

How will you grow?

You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.

+ Leadership: Room to advance on your team or to lead cross-functional projects.

+ Growth Opportunities: Potential for lateral and vertical movement.

+ Education/Training: Management training, mentorship, in-house and external courses.

+ Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.

+ Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.

What you need/Requirements?

To work with MITLL, all employees must meet certain basic requirements.

+ TS/SCI clearance.

+ **A minimum of 8 years of IT security experience in DoD Industrial Security is required, leadership skills relevant to this experience preferred.

+ **BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is required.

+ Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.

+ Active knowledge of NISPOM, DAAPM, DISA Policy STIGs, and NIST RMF is required.

+ Demonstrated experience with vulnerability scanning and auditing tools and associated administrative processes.

+ Excellent written and verbal communication skills.

Ideally, you will have:

The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have the following skills and qualifications.

+ Possess a DoD 8570.01-M IAM Level II or III baseline certification, ISC2 CISSP preferred.

+ Technical experience securing multiple traditional and virtual systems including Windows Server 2016 and 2019, Windows 10, Red Hat Enterprise Linux, Ubuntu, Mac, etc. utilizing DISA STIGs and/or SRGs.

+ Experience and skills with virtualization, container, and cloud technologies.

+ Prior experience working in a collaborative team environment.

+ Prior experience working with classified government networks.

At MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include: • Comprehensive health, dental, and vision plans • MIT-funded pension • Matching 401K • Paid leave (including vacation, sick, parental, military, etc.) • Tuition reimbursement and continuing education programs • Mentorship programs • A range of work-life balance options • ... and much more!

Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage of other voluntary benefits, discounts, and perks. Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret-level DoD security clearance. MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID: [[id]] #CJ