McLean, VA, 22102, USA
5 days ago
Cyber Risk Management (Intelligence Center)
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us. Within MITRE’s Intelligence Center, the Adversary Intelligence Department has the mission to provide deep technical and regional analysis on emerging threats to the United States and its interests in support of USG policy, strategy, integrated capabilities, test & evaluation, and resource investments. Our vision is to enable national security policymakers to anticipate and prepare for future adversarial threats by revolutionizing intelligence analysis and capabilities, empowering them to see beyond the horizon and confidently navigate emerging national and global challenges. The Department is accountable and responsible for programs with the Office of the Director of National Intelligence (ODNI) and the Defense Intelligence Agency (DIA). Roles & Responsibilities: The Adversary Intelligence Department harnesses the power of advanced tools and innovative techniques to address complex challenges faced by the US government. You will have the opportunity to collaborate with experienced IT professionals in a vibrant and dynamic setting, making a substantial contribution to resolving some of the government's most intricate issues. We are seeking a highly skilled and motivated Lead Cyber Security Engineer to join our team in support of our mission and vision. The ideal candidate will have a background in cyber security engineering, knowledge and data management, cyber mitigation techniques, and must be comfortable working directly with multiple senior-level government sponsors implementing the risk management framework and cyber security best practices. In this role, you will work alongside a dynamic team, playing a pivotal part in designing, developing, and refining our security assessment and authorization processes to align with our sponsor's current mission objectives. You should possess a blend of technical expertise, analytical skills, and a proactive mindset to effectively safeguard an organization’s digital assets. This is an opportunity for you to expand your technical skills while contributing to a distinctive project with cross-cutting Intelligence Community and greater national security enterprise impact. This position requires initiative, creativity, and a proactive approach to problem-solving, as you will be at the forefront of developing solutions that have significant implications for national security. The selected candidate will support government sponsors implementing cyber security within their organizations, environments, systems, and networks. Primary functions are as follows: + Assist sponsor with review, application, and maintenance of cyber security policies and procedures. + Assist sponsor with review and maintenance of assessment plans and authorization body of evidence documentation. + Perform security analyses and risk/vulnerability assessments. + Participate in security assessments and testing evaluations. + Participate in planning and supporting security engineering for new projects to include technology selection, categorization, and control selection. + Working knowledge of the Intelligence Community (IC) structure and system acquisition. + Knowledge of system security engineering and Systems Engineering in Identity and Access Control, applying Security Controls in a Linux OS, and audit configuration/insider-threat detection. + Ability to apply system security engineering techniques to mitigate cyber vulnerabilities. Basic Qualifications: + Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or a PhD with 3 years’ experience; or equivalent combination of related education and work experience. + Active TS/SCI with Full-Scope Poly security clearance. + Minimum 6 years’ experience with RMF of system, networks, and sites that operate in SCI or other Classified environments. + Knowledge of Cyber Security technologies as well as roles, responsibilities, and methodologies. + Ability to document and/or present ideas and findings such that others can easily learn from or make decisions based upon the material + Demonstrable knowledge of security technologies and their applications (e.g., operating system features, guards, firewalls, security tools, etc.). + Ability to convey Cyber/Information Assurance policy and supporting technologies to Senior Government officials. + This position has an on-site requirement of 5 days a week on-site. Preferred Qualifications: + Demonstrated knowledge of Cyber Security and enterprise Cyber Security solutions + Configure Centralized Audit Services (e.g. Splunk, SolarWinds). + Demonstrable understanding of the application of cyber security processes, procedures, and roles supporting Army, Navy, Air Force, IC Agency (ODNI, CIA, DIA, NGA, NSA, NRO). + Ability to identify cyber risks and identify potential technical or procedural mitigation of the risks. + Experience in performing or participating in security assessment test and evaluations. + Experience in planning and implementing confirmation management approaches. + Experience with security engineering principles in an Agile development environment. + Executing vulnerability scanning tools and customization of tools to an organizational environment. + Ability to perform an analysis of alternatives in the selection of scanning tools. + Provide guidance on ensuring systems are designed, developed and implemented with required security features and safeguards. + Strong verbal and written skills. This requisition requires the candidate to have a minimum of the following clearance(s): Top Secret/SCI/Polygraph This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): Top Secret/SCI/Polygraph Work Location Type: Onsite MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp\_%20English\_formattedESQA508c.pdf) . MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org . Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only. Benefits information may be found here (https://careers.mitre.org/us/en/benefits)
Confirm your E-mail: Send Email