Massachusetts Jobs

MassHire JobQuest Logo

Job Information

MIT Lincoln Laboratory Information Systems Security Manager - Collateral in Lexington, Massachusetts

Security Services

The Security Services Department's overall mission is to ensure a safe and secure environment at MIT Lincoln Laboratory facilities and locations where staff members conduct cutting edge research in support of national security. To accomplish this mission, the Security Services Department formulates and implements policies, plans, and procedures designed to protect against threats of vandalism, accidental destruction, and sabotage; safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

Job Summary

The Information Systems Security Manager (ISSM) – IT IC Level 4 (Collateral) is responsible for maintaining the overall system security posture of several MIT Lincoln Laboratory programs, as well as the implementation of the DoD Risk Management Framework (RMF) within assigned areas of responsibility.

The successful candidate will work independently, perform as a team leader and as a team member, must be a quick learner, self-motivated, reliable, and able to balance multiple tasks simultaneously. Candidate must have strong interpersonal skills and be able to manage stress in a professional manner. Candidate must be knowledgeable in computer security principles and policies, to include the DoD RMF, DISA Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense Counterintelligence Security Agency Service (DCSA) Assessment and Authorization Manual (DAAPM). Candidate must have strong technical skills and be able to respond to off-hours emergencies. Position requires occasional local and overnight travel.

Core Responsibilities

  • Oversee the information security program, to include policies and procedures for assigned areas of responsibility

  • Develop and maintain System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy

  • Conduct security-focused configuration management activities for classified systems and networks in a variety of traditional, virtual, and cloud-based environments

  • Ensure system information is protected while operated, maintained, and disposed of in accordance with organization security policies and procedures

  • Ensure measures are taken to report, respond, and remediate security incidents and spillages

  • Advise system owners of current cyber security policies and concepts when designing, procuring, adopting, and developing systems throughout the system life cycle

  • Ensure audit records are collected and analyzed in accordance with the SSP

Core Responsibilities (cont.)

  • Lead efforts to conduct network, system, and application vulnerability scanning, configuration assessment, risk assessment, continuous monitoring, and remediation

  • Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures

  • Implement an effective IS security education, training, and awareness program, to include providing training

  • Lead efforts to prepare for and participate in periodic organization compliance assessments

  • Provide account management oversight, and ensure related documentation is complete and updated

  • Serve as a voting member of the Configuration Control Board (CCB)

  • Manage the daily workload and operations of ISSOs in area or responsibility

Requirements

  • Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Top Secret level DoD security clearance

  • BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is required, MS is preferred

  • A minimum of 8 years of IT security experience in DoD Industrial Security is required, leadership skills relevant to this experience preferred

  • Technical experience, skills, and additional course work completed towards a Graduate Degree, or industry IT certifications may be considered in lieu of DoD security experience requirements

  • Possess a DoD 8570.01-M IAM II or III baseline certification, ISC2 CISSP preferred

Requirements (cont.)

  • Familiarity with the NISPOM, DAAPM, DISA STIGs, and DoD RMF

  • Experience and familiarity with multiple operating systems such as MS Windows and Server, Red Hat Enterprise Linux, and other *nix platforms

  • Experience with virtualization and cloud technologies

  • Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs

  • Demonstrated experience with vulnerability scanning and auditing tools, and associated administrative processes

  • Excellent written and verbal communication skills

For Benefits Information, click http://hrweb.mit.edu/benefits

Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID: [[id]] #CJ

DirectEmployers