Cyber Security Manager
MIT Lincoln Laboratory - Lexington, MA
Apply NowJob Description
The Security Services Department's overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies. We foster a diverse and inclusive culture where security professionals from a wide range of backgrounds are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements. Who are we? MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security. Mission - The Security Services Department's (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats. Culture - We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds. What will you do? Provide leadership, management, and direction to ensure effective execution of the cybersecurity primary focal point and supervisor for a team of Information System Security Managers (ISSMs) and Information Systems Security Officers (ISSOs) assigned to the Security Services Department in support of the Laboratory's primary research sponsor. Responsible for closely monitoring and overseeing the application of security principles and policies, to include the Risk Management Framework (RMF) and managing a large portfolio of Laboratory Classified Collateral Information Systems in accordance with the National Industrial Security Program Operations Manual (NISPOM) and Defense Counterintelligence and Security Agency (DCSA) Defense Assessment and Authorization Manual (DAAPM). Monitor and oversee the development of System Security Plans (SSP) produced by the team, and ensure systems are operated, maintained, and disposed of appropriately. Accountable for the execution of security compliance audits and security vulnerability assessments on Laboratory and Government information systems, ensuring action is taken to address vulnerabilities and Plans of Action and Milestones (POA&Ms) in a timely manner, and meeting both internal governance and external sponsor requirements. Conducts prospective candidate screening and hiring actions, participates in personnel retention efforts for assigned staff, and conducts other supervisory duties as assigned including scheduling and conducting interviews and identifying opportunities for professional staff development. Additional responsibilities include confirming configuration management and continuous monitoring policies and procedures are established and maintained, and ensuring team members participate in an effective cybersecurity education, training and awareness program. How will you grow? You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong. Leadership: Room to advance on your team or to lead cross-functional projects. Growth Opportunities: Potential for lateral and vertical movement. Education/Training: Management training, mentorship, in-house and external courses. Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions. Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects. What you need/ Requirements: To work with MITLL, all employees must meet certain basic requirements. Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or related discipline required with a minimum of ten (10) years' experience working in the Cybersecurity field, preferably within Special Access and Sensitive Compartmented Information Programs. A minimum of seven (7) years' leadership and supervisory experience in a DoD or Industrial Security environment, with demonstrated security process maturity outcomes. A demonstrated working knowledge and technical experience with NISPOM and DAAPM is a requirement Possess strong organizational skills and the ability to work and establish priorities under pressure in a self-directed, multi-tasking, fast-paced work environment. Technical experience and skills in securing multiple operating systems such as Windows Server and clients, Linux, Solaris, and virtualization technologies. Strong knowledge of network environments and various network infrastructure products such as routers and switches, Firewall/VPN equipment and Data Loss Prevention strategies utilizing Endpoint Security solutions. Demonstrated capabilities in leading cross-functional teams and presenting ideas written and orally within a collaborative team environment is required. Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education requirements. Selected candidate will be subject to a pre-employment background investigation and must possess a current in scope Top Secret level security clearance with compartmented program eligibility. We are committed to fostering a diverse and inclusive workplace where everyone is valued and empowered. Ideally, you will have: The Laboratory values experiences from diverse backgrounds and occupations. The most successful candidates will have the following skills and qualifications. Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. Ability to tailor technical and planning information to a customer's level of understanding. Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Adept at nonlinear thinking in complex environments, with an ability to detect and respond to micro-transmissions in the market related to future technology, opportunities, and threats. At MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include: Comprehensive health, dental, and vision plans MIT-funded pension Matching 401K Paid leave (including vacation, sick, parental, military, etc.) Tuition reimbursement and continuing education programs Mentorship programs A range of work-life balance options ... and much more Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage of other voluntary benefits, discounts, and perks. Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret-level DoD security clearance. MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required. Requisition ID: [[id]] #CJ #LI-JL1
Created: 2024-11-02