MIT Lincoln Laboratory Information Systems Security Manager in Lexington, Massachusetts
The Security Services Department's overall mission is to ensure a safe and secure environment and protect MIT Lincoln Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.
The Division Information System Security Manager (ISSM) - ITS Level II will perform as an ISSM and will provide information security support to several independent Laboratory research groups. The ISSM will develop and maintain a formal information systems (IS) security program with associated policies protecting classified and unclassified computer systems in a heterogeneous computer environment which could consist of any variation of Linux, Unix, Sun, Mac, or Windows systems. Will manage daily operations of assigned Information Systems Security Officers (ISSO). Will develop and maintain multiple System Security Plans (SSP), ensuring systems are operated, maintained, and disposed of according to the approved SSP. Will conduct security compliance audits, IS audits, and perform security vulnerability assessments on Laboratory IS. Will coordinate IS security inspections, tests, and reviews. Will establish and maintain configuration management policies and procedures. Will ensure users and ISSOs are subject to an effective IS security education, training, and awareness program. Will facilitate and oversee the accreditation of new systems, provide support for the re-accreditation of existing systems, and coordinate the proper de-certification and sanitization of classified systems and media. Will have an in-depth knowledge of computer security principles and policies to include the National Industrial Security Operations Manual (NISPOM) and the Defense Security Service (DSS) Assessment and Authorization Manual (DAAPM). Will be able to implement and test IT security policies/procedures as part of a fully integrated IT security program. Will coordinate and participate in the investigation and mitigation of information system adverse events. Will assume ISSO responsibilities in the absence of the ISSO. Must be able to respond to off-hour emergencies as needed. Must have demonstrated ability to follow up and solve problems. Position requires some local and overnight travel.
Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or a related field, or relevant work experience, desired.
A minimum of 5 years of IT security experience in DoD Industrial Security is strongly desired, preferably in a compartmented program environment.
Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.
Familiarity with the Risk Management Framework (RMF), NISPOM Chapter 8, DAAPM, NIST SP 800-53r4, and other associated NIST publications is desired.
Technical experience and skills in securing multiple operating systems such as Windows Server and clients, Linux, Solaris, and virtualization technologies.
Ability to achieve DoD 8570 IAM Level II Baseline Certification within 6 months of appointment; preferably, the candidate possesses the ISC2 CISSP.
Demonstrated capabilities in presenting ideas in writing and orally within a cross-functional environment required.
Prior experience working in a collaborative team environment desired.
Prior experience working with SIPRNet or other classified government networks is desired.
The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information.
The ability to obtain and maintain a government (DoD) security clearance is required.
MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.