MIT Lincoln Laboratory Assistant Information Security Manager in Lexington, Massachusetts
The Security Services Department's overall mission is to ensure a safe and secure environment and protect MIT Lincoln Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.
Assistant Manager - Information Security - Risk Assessment & Forensics
The Information Security Group provides Cybersecurity and Risk Assessment services to the Laboratory. The four functional areas include the Forensic Analysis Center (FAC), consisting of Forensic Analysis and Cybersecurity Risk Assessment Services, Special Programs Information Assurance (IA), Collateral Information System Security, and Communications Security (COMSEC).
The Assistant Manager - Information Security - Risk Assessment & Forensics reports directly to the Laboratory's Information Security Manager (ISM). This position is responsible for leading, coordinating and providing daily work direction for Risk Assessment and Forensic Analysts assigned to the Laboratory’s Forensic Analysis Center (FAC).
FAC Forensic Analysts provide specialized technical and operational computer forensic, incident response, threat intelligence and analysis capabilities in support of many challenging technical security issues. The Risk Assessment Team is primarily responsible for conducting security compliance audits, advanced network security engineering, information security risk assessments and policy, process and procedure development in accordance with cognizant DoD standards, as well as information security industry best practices. The team performs audits of classified and unclassified Information Systems (IS) to ensure that they are in compliance with applicable laws and government regulations, to include the National Industrial Security Program Operation Manual (NISPOM) and DoD Risk Management Framework (RMF) guidelines regarding the protection of classified information systems, National Institute of Standards and Technology (NIST) standards and special publications and Laboratory Information System Security Procedures.
Primary Duties Include:
Will oversee daily activities of the FAC, to include incident response, computer forensic examinations, systems of interest (SOIs), data identification and recovery, investigations of alleged policy violations, network forensic examinations, malware analysis, analytic and statistical reporting, mobile device analysis and testing, calibration and maintenance of forensic systems and software.
Will conduct research and development (R&D) of computer forensic and intrusion analysis methods and procedures.Directly responsible for the accuracy, adequacy and timeliness of FAC computer and network forensic examinations and incidents, intrusion detection and malware analysis activities, and case reports provided to SSD, Laboratory leadership and outside agencies as required.
Will play a prominent role in computer security incident response, providing guidance on response options and mitigations as required.
Will work closely with the IT department in collaboration of incident response and other enterprise activities and security requirements
Will lead and participate in the Laboratory’s Information Security inspection and review program as directed by the Information Security Manager.This includes Unclassified and Classified Information System (IS) inspections, including Government Inspections, Self-Inspections, Information System Reviews, Staff Assistance Visits, wireless scan audits, perimeter compliance inspections, network vulnerability testing and remediation, as well as security assessments for new devices and technologies
Will lead teams to validate the configuration, maintenance and accreditation activities of the Laboratory's SIPRNET environment and validate Command Cyber Readiness Inspection (CCRI) preparedness
Will evaluate and understand multiple networked computer environments and determine whether the appropriate level of security measures are in-effect based on applicable security best practices and/or governing policies and regulations
Will assist in planning, organizing and leading IT security projects related to network, system and data security, to include insider threat detection, enterprise information security reporting, auditing, as well as system risk management and mitigation
Will participate in ongoing meetings with Laboratory management and present briefings and reports regarding risk assessments, evaluations of emerging technology, information security incidents and ongoing investigations
Bachelor’s degree in Computer Science, Information Technology, Computer Information Systems, or related field is required.
A minimum of five (5) or more years of management experience in a Department of Defense (DoD) Industrial Security setting is desired, with related work in the following areas: Information Assurance, Risk Assessment, IT Security, Computer Forensics and Incident Response.
Technical experience, skills and industry IT certifications may be considered substitutes for DoD security experience.
Working knowledge of computer intrusion identification, forensic investigative procedures, digital evidence collection, examination and preservation, rules of evidence, and chain-of-custody requirements. Working knowledge of incident response processes, malware analysis and incident handling tools is required
Demonstrated knowledge of technology testing and evaluation methods and procedures, including the development of techniques for system acceptability testing and evaluation by establishing test criteria and data to ensure program modules and outputs are validated appropriately validated
Demonstrated knowledge of Certification, Accreditation and Authorization requirements identified in the National Industrial Security Operations Manual (NISPOM) and the regarding the protection of classified information systems, as well as the Department of Defense IT Security Assessment and Authorization Process, based on the Risk Management Framework (RMF), NIST 800-53 control
Thorough understanding of National Institute of Standards and Technology (NIST) standards, Federal Information System Modernization Act (FISMA) processes, and The Federal Risk and Authorization Management Program (FedRAMP) requirements for cloud security and Defense Federal Acquisition Regulation Supplement (DFARS) requirements for protecting DoD Contractor information systems
Demonstrated managerial skills, including direct supervision, hiring, training, and staff development are required.
Excellent oral, written and presentation skills.Proven ability to influence outcomes without direct authority is needed.Demonstrated ability to multi task projects/programs and to redirect priorities as needed.
The position has a direct interface and coordination role with members of the IT Department and must have demonstrated ability to work across organizational units and with customers
Selected candidate must be a reliable self-starter who makes sound, well-informed and objective decisions, works independently under minimal supervision, with the demonstrated ability to manage complex situations, follow-up and solve problems
The candidate will be required to obtain a CISSP or CISM certification within 6 months of assuming the position
Other desired certifications include Security+, EnCE, CFCE, GCFA, GREM, GCIH, CEH, CISA
Excellent interpersonal communication, organizational, and customer service skills
Position may require local and some overnight travel.
The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information including compartmented programs.
Ability to obtain and maintain a government security clearance is required.
MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.