Information System Security Engineer

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.
* Mission - The Security Services Department's (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats.
* Culture - We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds.

* Assist in the security design and configuration of classified systems and networks in a variety of traditional and virtual environments including Linux, Mac, and Windows.
* Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
* Integrate, test, and configure Free and Open Software (FOSS), Commercial-off-the-Shelf (COTS), Government-off-the-Shelf (GOTS), and custom software
* Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels or transfer of information through Cross Domain Solutions (CDS). Provide security direction to design and development teams, monitor progress and productivity through planning and the use of metrics
* Assist in developing System Security Plans (SSPs) and associated artifacts such as network diagrams, architectural plans, operating system baselines, and standardized configurations
* Provide input and direction within DevSecOps programs from application security testing toolset selection (SAST, DAST, dependency analysis) to application security assessments.
* Apply Protected Distribution System (PDS) requirements and TEMPEST concepts to existing and planned infrastructure.
* Lead efforts focused on Cloud and Cross Domain Solution technologies
* Analyze network, system, and application vulnerability scanning, configuration assessment, and remediation for improvements to strategies.
* Act as Laboratory information security representative to multiple DOD Agencies
* Lead efforts to prepare for technical parts of periodic organization compliance assessments
* Perform information security policy gap analysis and formulate corrective actions.
* Create/update technical policies for configurations for security relevant applications defining organizational mission requirements
* Assist ISSM team as needed with compliance audits, system authorization, sanitization, and incident response.
* Assist Information Security Management in performing oversight of information security operations for Collateral systems.

You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.
* Leadership: Room to advance on your team or to lead cross-functional projects.
* Growth Opportunities: Potential for lateral and vertical movement.
* Education/Training: Management training, mentorship, in-house and external courses.
* Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.
* Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.

To work with MITLL, all employees must meet certain basic requirements.

* The ability to obtain and maintain a Top-Secret/SCI clearance.
* Must be a U.S. Citizen.
* A minimum of 6 years of IT security experience in DoD Industrial Security is required
* BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is required.
* Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.
* Active knowledge of NISPOM, DAAPM, DISA Policy STIGs, and NIST RMF is required
* Technical skills in securing multiple traditional and virtual systems including Windows Server 2016 and 2019, Windows 10, Red Hat Enterprise Linux, Ubuntu, Mac, etc.
* Experience with Cloud and Cross Domain Solution technologies
* Experience developing and integrating Video teleconferencing, VOIP, firewalls, and VPN equipment
* Experience developing and integrating Data Loss Prevention strategies utilizing Endpoint Security solutions
* Demonstrated capabilities in presenting ideas written and orally within a cross-functional environment required
* Must stay current with emerging technologies

The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have the following skills and qualifications.

* Leadership skills relevant to this experience
* Possess a DoD 8570.01-M IASAE Level II baseline certification, ISC2 CISSP
* Experience and skill developing and integrating various sized network environments, to include various network infrastructure products such as routers and switches is desired
* Prior experience working in a collaborative team environment
* Prior experience working with classified government network