
Information System Security Manager

MIT Lincoln Laboratory

Lexington, MA, USA
Posted on Tuesday, August 22, 2023

The Security Services Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a diverse and inclusive culture where security professionals from a wide range of backgrounds are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.

Who are we?

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.
* Mission - The Security Services Department’s (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats.
* Culture – We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds.

What will you do?

* Supervise a team of Information System Security Officers (ISSOs). Provide leadership, mentoring, guidance, training, and primary supervisory support.
* Develop System Security Plans (SSP), associated Body of Evidence (BoE) documentation, and ensure systems are built, operated, maintained, and sanitized in accordance with approved policy.
* Implement technical, operational and managerial security controls, and be directly responsible for the cybersecurity of assigned programs, systems and enclaves.
* Apply in-depth computer security principles and practices to execute a comprehensive information security program servicing a diverse enterprise environment of ESXi, Linux, and Windows systems.
* Execute security vulnerability assessments and ensure action is taken to address vulnerabilities and Plans of Action and Milestones (POA&Ms) in a timely manner, meeting both internal governance and external sponsor requirements.
* Establish and oversee Configuration Management and Continuous Monitoring policies and procedures, ensuring they are approved and maintained.
* Monitor and directly manage the application of security principles and policies, to include the Risk Management Framework (RMF); Joint Special Access Program (SAP) Implementation Guide (JSIG); Intelligence Community Directive 503 (ICD-503); and Security Technical Implementation Guides (STIGs).
* Provide information systems security support to several independent MIT Lincoln Laboratory programs.
* Assist in the security configuration and management of Special Programs classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows.
* Report on key cybersecurity metrics related to overall health of your assigned information systems and strength of your implemented security controls.
* Interface with the Program Manager, SCA, PSO, and DAO, as needed, to ensure your team is providing exceptional cybersecurity support to MIT LL research initiatives.
* Lead and participate in government inspection preparation, execution, and post-inspection action items. Assist in building and maintaining a Corrective Action Plan to capture and communicate MIT LL’s progress on required follow-on actions.
* ISSMs are expected to achieve a passing score on government inspections in order to maintain MIT LL’s ability to conduct mission-critical research.

How will you grow?

You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.
* Leadership: Room to advance on your team or to lead cross-functional projects.
* Growth Opportunities: Potential for lateral and vertical movement.
* Education/Training: Management training, mentorship, in-house and external courses.
* Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.
* Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.

What you need/Requirements:

To work with MITLL, applicants for this role must meet certain basic requirements.
* A Top-Secret clearance with SCI.
* Must be a U.S. Citizen.
* Successfully pass a background check and consent to undergoing a government polygraph examination.
* Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, Cybersecurity or related discipline is required.
* A minimum of six (6) years of experience working in the Cybersecurity field, preferably within Special Access and Sensitive Compartmented Information Programs. Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education requirements.
* Possess a DoD 8570.01-M IAM III baseline certification within six (6) months of hire, CISSP or CISM preferred.
* Demonstrated working knowledge of the JSIG, DISA Policy STIGs, and NIST RMF is required. Familiarity with information security risk management principles is required.
* Technical experience and skills in securing multiple operating systems such as Windows Server and clients, RedHat Linux, and virtualization technologies.
* Strong knowledge of network environments and various network infrastructure products such as routers and switches, Firewall/VPN equipment and Data Loss Prevention strategies utilizing Endpoint Security solutions.
* Demonstrated capabilities in leading cross-functional teams and presenting ideas in writing and orally within a collaborative team environment are required.
* Experience with virtualization technologies is preferred.
* Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs is highly desired.
* Demonstrated experience with vulnerability scanning and auditing tools and processes is required.
* Possess strong organizational skills and the ability to work and establish priorities under pressure in a self-directed, multi-tasking, fast-paced work environment.
* Excellent written and verbal communication skills are required.

Ideally, you will have

The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have the following skills and qualifications.
* Previous supervisory experience (1-5 people).
* Strong aptitude for leadership of people and effective management of projects.
* Strong interpersonal skills and the ability to manage stress in a professional manner.
* Strong technical skills and the ability to respond to off-hours emergencies.
* Position requires occasional local and overnight travel.

For Benefits Information, click http://hrweb.mit.edu/benefits

Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.

To safeguard our health and well-being, MIT Lincoln Laboratory requires COVID-19 vaccination for all employees. Individuals may request exemption from the vaccine requirement for medical or religious reasons.

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID 40384