Information Systems Security Engineer III; MIT Lincoln Laboratory; Lexington, MA
Posted by David Gentes on March 13, 2018
To apply to this job, contact David Gentes.
MIT Lincoln Laboratory is a Federally Funded Research and Development Center operated by MIT for the Department of Defense and other government agencies. The organization has received Superior Security Ratings for 10 consecutive years and is known as a leader in technology and security. Employees receive a generous benefits program including exceptional retirement and time off policies. Relocation assistance is provided.
The Information Systems Security Engineer (ISSE) – ITS Level III will provide specialized information security support to several independent Laboratory research groups and serve as the primary integrator working with a multitude of strategic cybersecurity projects and initiatives. The successful candidate will work independently and as a team member, and must be a quick learner, self-motivated, reliable, and able to balance multiple tasks simultaneously. Candidate must have strong interpersonal skills and be able to manage challenging situations in a professional manner. Candidate must possess an in-depth knowledge of information security principles and policies to include the Risk Management Framework (RMF) as presented by the National Institute of Standards and Technology (NIST), Joint Special Access Program (SAP) Implementation Guide (JSIG), Intelligence Community Directive 503 (ICD-503), and all applicable Security Technical Implementation Guides (STIGs). Candidate must have very strong technical skills and be able to respond to off-hours emergencies as needed. Position requires some local and overnight travel.
- Primary integrator for special programs cybersecurity initiatives and projects
- Analyze and offer solutions to technical challenges of core information security operations and processes across multiple sponsor classified operating environments
- Assist in the security design and configuration of classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows.
- Integrate, test, and configure Free and Open Software (FOSS), Commercial-off-the-Shelf (COTS), Government-off-the-Shelf (GOTS), and custom software
- Conduct technical analysis and formulate solutions for complex infrastructure and integration challenges
- Provide security direction to design and development teams, monitor progress and productivity through the use of metrics
- Assist in developing System Security Plans (SSPs) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
- Apply Protected Distribution System (PDS) requirements and TEMPEST concepts to existing and planned infrastructure.
- Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
- Perform information security policy gap analysis and formulate corrective actions.
- Assist ISSM team as needed with compliance audits, system authorization, sanitization, and incident response.
- Assist Information Security Manager in performing oversight of special programs information security operations
- Bachelor’s degree in Computer Science, Information Technology, Computer Information Systems, or relevant work experience or related field desired.
- A minimum of 10 years of IT security experience in DoD Industrial Security is strongly desired, preferably in a compartmented program environment.
- Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.
- Active participation and knowledge of Risk Management Framework (RMF), JSIG, ICD 503, NIST SP 800-53 and other associated NIST publications is desired
- Technical experience and skills in securing multiple operating systems such as Windows Server and clients, Linux, Solaris, and virtualization technologies.
- Experience and skill developing and integrating various sized network environments.
- Experience utilizing various network infrastructure products such as routers and switches.
- Experience developing and integrating Video teleconferencing and VOIP equipment.
- Experience configuring and integrating Firewall/VPN equipment.
- Experience developing and integrating Data Loss Prevention strategies utilizing Endpoint Security solutions.
- Ability to achieve DoD 8570 IAM Level III Baseline Certification within 6 months of appointment; preferably candidate possesses ISC2 CISSP.
- Demonstrated capabilities in presenting ideas written and orally within a cross-functional environment required.
- Prior experience working in a collaborative team environment desired.
- Prior experience working with classified government networks is desired.
- The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information.
- The ability to obtain and maintain a government (DoD) security clearance is required.
- Salary: Not provided
- Clearance Required: No
- Spouse Friendly: No