MIT Lincoln Laboratory Information System Security Officer (ISSO) in Lexington, Massachusetts
The Security Services Department's overall mission is to ensure a safe and secure environment and protect MIT Lincoln Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.
The Information Systems Security Officer (ISSO) - ITS Level III will provide IT security support to several programs within the Intelligence and Decision Technologies group and the ISR and Tactical Systems Division. This includes: development of IS security programs and policies; monitoring and auditing the group’s information systems; ensuring development projects incorporate cybersecurity controls and protocols; developing and maintaining System Security Plans (SSP); ensuring that systems are operated, maintained, and disposed of in accordance with SSPs and other relevant requirements; ensuring configuration management is maintained and documented; and conducting periodic reviews and auditing to ensure compliance with the SSPs. The successful candidate will work with engineering and security teams, and will interact with Laboratory management. The successful candidate will have sufficient technical experience to recommend and implement security requirements. The ISSO will assist in compliance inspections and reviews and conduct audits as required. The ISSO must be able to respond to occasional off-hour emergencies. The position requires some overnight travel.
• BS degree in Computer Science, Information Technology, Computer Information Systems, or related field.
• A minimum of 4 years of IT security experience with DoD information systems is required. Technical experience and skills, course work completed towards a degree, and industry IT certifications may be considered substitutes for education and DoD security experience. • The ability to obtain and maintain a government (DoD) Top Secret security clearance is required.
• Strong written and verbal communication skills are required, since this position involves advising engineering managers and other leaders on risks and benefits of many cybersecurity approaches.
• CompTIA Security+, CISSP, or similar DoD Approved 8570 Baseline Certifications are strongly desired. The ability to obtain and maintain these certifications is required.
• Experience directly related to certification and authorization using the Risk Management Framework (RMF) is strongly desired. • Experience analyzing, evaluating, and assessing compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) is strongly desired.
• Experience using vulnerability scanning tools such as Nessus and SCAP is desired.
• Experience using auditing tools and endpoint security product is desired. • Prior experience in working in a collaborative software environment with agile or devops methodology is desired. • Experience with the National Industrial Security Program Operating Manual (NISPOM) is a plus.
• Technical experience with Windows and Linux operating systems, and VMWare virtualization tools is a plus.
• The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information including compartmented programs.
For Benefits Information, click http://hrweb.mit.edu/benefits
MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information
U.S. citizenship is required.
Requisition ID: [[id]]