MIT Lincoln Laboratory CO-OP Student in Lexington, Massachusetts

Security Services

The Security Services Department's overall mission is to ensure a safe and secure environment and protect MIT Lincoln Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

Leadership Enrichment and Development (LEAD) Cooperative Student Information Security, Cybersecurity Risk Assessment and Forensics

The Massachusetts Institute of Technology Lincoln Laboratory (MIT LL), a national leader in scientific research and development located outside Boston, Massachusetts, is seeking a Forensics and Cybersecurity Risk Assessment Cooperative Student within the Security Services Department. The six (6) month Leadership Enrichment and Development (LEAD) experience will provide current cooperative educational program students with real-world opportunities to gain experience in a fast-paced industrial security environment.

The Security Services Department’s Forensic Analysis Center (FAC) is a Tier-3 technical analysis section within the Information Security Group. Comprised of two highly trained teams of professionals (Forensics and Cybersecurity Risk Assessment), it provides specialized technical and operational threat intelligence and analysis capabilities in support of many challenging technical security issues within the Laboratory. FAC team members are encouraged to meet their full human potential and professional growth by being provided career opportunities that challenge and maximize the limits of their existing skill sets. FAC staff members maintain proficiency through a wide variety of training opportunities, collaborative efforts and the analysis of difficult problems in support of national security.

Under the daily leadership of highly trained and certified information security professionals within the FAC, the Forensics and Cybersecurity Risk Assessment Cooperative Student will support the Forensics and Compliance teams equally, as well as liaise with other information security and cyber research organizations within the Laboratory.

The position requires a high level of technical expertise and the ability to conduct open source and internal research to identify current threat indicators, exploits and vulnerabilities.

Training/briefing experience is desired. Excellent writing skills are required as the majority of work includes documentation output / deliverables. Candidate must have excellent follow-up and problem solving skills.

FAC Cybersecurity Risk Assessment Team Support:

  • Work with research staff customers to provide timely and quality guidance and oversight

  • Perform PKI audits, wireless security scans, perimeter compliance inspections

  • Support Laboratory Infosec Governance, Risk, and Compliance (GRC) efforts

  • Assist in maintaining auditing programs to validate Infosec policy compliance

  • Conduct Cybersecurity risk assessment and

  • Support the investigation and remediation of network contaminations

  • Document information security policy, processes and procedures

  • Help manage cyber threat intelligence and indicators

  • Produce security risk and impact assessment reports

  • Support incident response and remediation efforts

  • Support DoD-mandated security risk assessments

  • Provide Staff Security Awareness and Training

  • Assist in network vulnerability assessments

  • Perform Information Systems (IS) Audits

FAC Forensic Team Support:

  • Participate as a member of the Laboratory Cyber Incident Response Team (CSIRT)

  • Assist in the analysis of malicious or anomalous activity across the enterprise

  • Provide written summaries and analysis of incidents for management review

  • Develop training and operational report and communications products

  • Assist in the development of new forensic procedures and techniques

  • Assist in the cyber intrusion discovery and remediation processes

  • Collect and manage forensic artifacts (host and network)

  • Conduct malware analysis and signature generation

  • Collaborate with Laboratory cyber research staff

  • Process internal and external threat intelligence

  • Assist in post-event system remediation and coordinate malware removal

  • Support host system forensics

Preferred competencies:

  • Highly motivated, interested in the fields of cyber defense and cyber research, inquisitive, and able to research new highly technical subjects

  • Experience with forensic tools including EnCase, FTK, NetWitness, Wireshark, etc.

  • Experience with cyber risk assessments

  • Experience with compliance auditing, security reviews or vulnerability assessments is desired.

  • Familiar with sound forensic principles, techniques, and processes.

  • Malware analysis skills, with a general understanding of reverse engineering techniques.

  • Advanced understanding of Windows internals and Windows networks.

  • Understanding of enterprise networks, security infrastructure, and common protocols

  • Moderate understanding of Mac OS X and/or Linux systems

  • Able to distill complex technical subjects into business terms for decision makers

  • Experience with Snort or other network-based signature development.

  • Experience with Yara, OpenIOC, or other host-based signature development

  • Experience with one or more programming languages, preferably at least one high level and one low level language. Examples include Perl, Python, Ruby, Java, C, and x86 ASM

  • Experience with mobile device (iOS/Android) security environments

Requirements:

  • Active participation in an accredited bachelor’s / master's degree program in Computer Science, Information Technology, Computer Information Systems

  • Familiarity with the operation of and forensic artifacts associated with modern operating systems (Windows, Mac OS X, Linux) is required.

  • Demonstrated capability in presenting ideas in writing and orally within a cross-functional environment is required.

  • The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information.

  • The ability to obtain and maintain a government (DoD) security clearance is required.

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.