Deputy Chief Information Security Officer

MIT Lincoln Laboratory

IT
Lexington, MA, USA
Posted on Tuesday, July 2, 2024

The Security Services Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a diverse and inclusive culture where security professionals from a wide range of backgrounds are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.

Who are we?

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.

What will you do?

We are seeking a dynamic and experienced cybersecurity professional to join us as Deputy Chief Information Security Officer (DCISO). This position requires a strategic thinker with a strong technical background, exceptional leadership skills, and a deep understanding of the evolving cybersecurity landscape.


The DCISO reports to the Chief Information Security Officer (CISO) and is instrumental in helping to shape and execute our cybersecurity vision. You will assist in overseeing and managing the Laboratory’s Cybersecurity program and play a critical role in the development and operational implementation of cybersecurity strategies, policies, processes and procedures to protect Laboratory assets. The position requires a deep understanding of all aspects of cybersecurity operations, risk management and regulatory compliance measures within the Defense Industry, involving the protection of both Classified and Controlled Unclassified Information (CUI). This is an exciting opportunity for a strategic leader with a passion for cybersecurity to make a significant impact in a rapidly evolving technological environment in support of National Security.

What will you do continued:

Key Responsibilities Include:

  • Assist the CISO in leading a large team of intra-departmental cybersecurity professionals, providing guidance, strategic direction and risk management oversight.
  • Serve as a key advisor to the CISO regarding cybersecurity matters.
  • Help foster a culture of security awareness and compliance across the organization.
  • Ensure compliance with industry regulations, standards, and best practices, including FAR, DFARS, NIST, FISMA, and other relevant security requirements.
  • Develop cybersecurity risk management strategies to ensure appropriate mitigation efforts are implemented in a timely manner.
  • Maintain documentation and reporting to support compliance efforts.
  • Collaborate and partner with key Laboratory stakeholders, to include executive, research and operations department leadership, IT practitioners, legal counsel, and other operations personnel, to ensure appropriate teaming and a holistic approach to cybersecurity matters in support of the Laboratory’s mission.
  • Communicate cybersecurity policies, procedures and events to employees and stakeholders effectively.
  • Oversee the development and maintenance of incident response plans and procedures.
  • Coordinate cyber incident investigations and responses to security incidents, breaches, and other threats.
  • Ensure timely and effective communication of security incidents to all relevant stakeholders.
  • Collaborate with product and development teams to integrate security into the design and development process.
  • Participate in developing, implementing, and maintaining a comprehensive cybersecurity strategy, based on government and Laboratory strategic directions.
  • Participate in the creation of cybersecurity policies, standards, and procedures to protect sensitive data and ensure compliance with regulatory requirements.
  • Ensure the appropriate execution of Laboratory-wide cybersecurity risk management processes to identify vulnerabilities and develop mitigation strategies.
  • Represent the organization in both internal and external forums, committees, industry groups, and government regulatory bodies as needed.
  • Support enterprise digital business transformation efforts by ensuring proper cybersecurity business process documentation.
  • Manage the cybersecurity budget, ensuring optimal allocation of resources to support security initiatives.
  • Implement and oversee governance processes to ensure consistent application of security policies and standards across the organization.

How will you grow?

You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.
  • Leadership: Room to advance on your team or to lead cross-functional projects.
  • Growth Opportunities: Potential for lateral and vertical movement.
  • Education/Training: Management training, mentorship, in-house and external courses.
  • Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.
  • Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.

What you need/ Requirements:

To work with MITLL, all employees must meet certain basic requirements.

  • Minimum of seven (5) years’ cybersecurity leadership and supervisory experience in a government or regulated industry environment, with demonstrated security process maturity outcomes.
  • Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or related discipline required with a minimum of ten (10) years’ experience working in the Cybersecurity field.
  • A demonstrated working knowledge and technical application of government regulatory requirements and cybersecurity frameworks, to include: National Institute of Standards and Technology (NIST) Special Publications, Defense Federal Acquisition Regulation Supplement (DFARS), National Industrial Security Program (NISP), Cybersecurity Maturity Model Certification (CMMC), Defense Assessment and Authorization Program Manual (DAAPM) and Joint Special Access Program (SAP) Implementation Guide (JSIG).
  • Demonstrated execution of cybersecurity operations principles, to include: Leadership, incident response, risk management, strategy development, staff development, education and training, policy development.
  • Demonstrated capabilities in leading cross-functional teams and presenting ideas in writing and orally within a collaborative team environment are required.
  • Possess strong organizational skills and the ability to work and establish priorities under pressure in a self-directed, multi-tasking, fast-paced work environment.
  • Relevant DoD 8140 (8570) IAM III baseline certifications such as CISSP, CISM, or CISA are preferred.
  • Proven track record of developing and implementing cybersecurity strategies and managing security incidents.
  • Excellent leadership, communication, and interpersonal skills.
  • Must be a U.S. Citizen.
  • Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Top Secret level DoD security clearance with compartmented program eligibility.

Ideally, you will have:

The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have a wide range of skills and qualifications.

  • Regulatory compliance experience: A demonstrated working knowledge and application of government regulations, policies and procedures, to include: Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012, NIST Special Publication 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publication 800-171 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, Federal Information Security Modernization Act (FISMA), International Organization for Standardization (ISO) Standards, Control Objectives for Information and Related Technologies (COBIT), DoD SAP/SCI Community and Intelligence Community directives and manuals, NISPOM 32 CFR Part 117, applicable ICDs, etc.
  • Valued competencies: Interpersonal, organizational, written and verbal communication skills.
  • Technical skills: Demonstrated understanding and execution of Cloud and Network Security Concepts, Zero Trust, Data Loss Prevention (DLP), Forensics and Malware Analysis, Business Continuity and Disaster Recovery (BC/DR), Penetration Testing, DevSecOps, Security Architecture, Vulnerability Management, Threat Intelligence, Network Segmentation.
  • Flexibility: Comfortable responding to off-hours emergencies and local/overnight travel as needed (infrequent, but a possibility).
  • DoD or Industrial Security Leadership experience, to include within Special Access and Sensitive Compartmented Information Programs.

At MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include:

  • Comprehensive health, dental, and vision plans
  • MIT-funded pension
  • Matching 401K
  • Paid leave (including vacation, sick, parental, military, etc.)
  • Tuition reimbursement and continuing education programs
  • Mentorship programs
  • A range of work-life balance options
  • ... and much more!

Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage of other voluntary benefits, discounts and perks.

Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID: 41228