Information System Security Engineer

MIT Lincoln Laboratory

  • Lexington, MA
  • Permanent
  • Full-time
  • 16 days ago
The Security Services Department's overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.We foster a culture where security professionals are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.**This position is based in Massachusetts. While a hybrid work schedule is available, any remote work must be performed from within Massachusetts. This role is not eligible for out-of-state work arrangements.Who are we?MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.
  • Mission - The Security Services Department's (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats.
  • Culture - We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds.
What will you do?
  • Assist in the security design and configuration of classified systems and networks in a variety of traditional and virtual environments including Linux, Mac, and Windows.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Integrate, test, and configure Free and Open Software (FOSS), Commercial-off-the-Shelf (COTS), Government-off-the-Shelf (GOTS), and custom software
  • Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels or transfer of information through Cross Domain Solutions (CDS). Provide security direction to design and development teams, monitor progress and productivity through planning and the use of metrics
  • Assist in developing System Security Plans (SSPs) and associated artifacts such as network diagrams, architectural plans, operating system baselines, and standardized configurations
  • Provide input and direction within DevSecOps programs from application security testing toolset selection (SAST, DAST, dependency analysis) to application security assessments.
  • Apply Protected Distribution System (PDS) requirements and TEMPEST concepts to existing and planned infrastructure.
  • Lead efforts focused on Cloud and Cross Domain Solution technologies
  • Analyze network, system, and application vulnerability scanning, configuration assessment, and remediation for improvements to strategies.
  • Act as Laboratory information security representative to multiple DOD Agencies
  • Lead efforts to prepare for technical parts of periodic organization compliance assessments
  • Perform information security policy gap analysis and formulate corrective actions.
  • Create/update technical policies for configurations for security relevant applications defining organizational mission requirements
  • Assist ISSM team as needed with compliance audits, system authorization, sanitization, and incident response.
  • Assist Information Security Management in performing oversight of information security operations for Collateral systems.
How will you grow?You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.
  • Leadership: Room to advance on your team or to lead cross-functional projects.
  • Growth Opportunities: Potential for lateral and vertical movement.
  • Education/Training: Management training, mentorship, in-house and external courses.
  • Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.
  • Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.
What you need/Requirements:To work with MITLL, all employees must meet certain basic requirements.
  • The ability to obtain and maintain a Top-Secret/SCI clearance.
  • Must be a U.S. Citizen.
  • A minimum of 6 years of IT security experience in DoD Industrial Security is required
  • BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is required.
  • Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.
  • Active knowledge of NISPOM, DAAPM, DISA Policy STIGs, and NIST RMF is required
  • Technical skills in securing multiple traditional and virtual systems including Windows Server 2016 and 2019, Windows 10, Red Hat Enterprise Linux, Ubuntu, Mac, etc.
  • Experience with Cloud and Cross Domain Solution technologies
  • Experience developing and integrating Video teleconferencing, VOIP, firewalls, and VPN equipment
  • Experience developing and integrating Data Loss Prevention strategies utilizing Endpoint Security solutions
  • Demonstrated capabilities in presenting ideas written and orally within a cross-functional environment required
  • Must stay current with emerging technologies
Ideally, you will have:The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have the following skills and qualifications.
  • Leadership skills relevant to this experience
  • Possess a DoD 8570.01-M IASAE Level II baseline certification, ISC2 CISSP
  • Experience and skill developing and integrating various sized network environments, to include various network infrastructure products such as routers and switches is desired
  • Prior experience working in a collaborative team environment
  • Prior experience working with classified government network
At MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance.Benefits offered to employees include:
  • Comprehensive health, dental, and vision plans
  • MIT-funded pension
  • Matching 401K
  • Paid leave (including vacation, sick, parental, military, etc.)
  • Tuition reimbursement and continuing education programs
  • Mentorship programs
  • A range of work-life balance options
  • ... and much more!
Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage of other voluntary benefits, discounts, and perks.
Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret-level DoD security clearance.
MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.Requisition ID: 42226#LI-JL1

MIT Lincoln Laboratory