McLean, Virginia, USA
55 days ago
Lead Information Security Engineer

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

MITRE InfoSec is the organization responsible for the unclassified information security program within MITRE. Our protection of MITRE covers both Operational and Services functions, ensuring an industry leading, comprehensive security and risk management program.

Roles & Responsibilities:

Security engineer provides cyber security expertise by developing and architecting security solutions that enhance MITRE’s on prem and cloud services security posture.

Security engineer provides hands-on technical engineering to improve defensive and detective capabilities by evaluating security services and technologies as well as conducting assessments of actively deployed environments.

Provide security application administration and support to ensure availability, performance, and security of systems.

Gathering and building consensus on security product requirements and running product evaluations to ensure MITRE finds the right tools for its needs

Evaluating, deploying, and maintaining COTS software along with open source and specialized home-grown tools

Supporting the InfoSec Monitoring & Response team during incident response investigations

Basic Qualifications:

Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or a PhD with 3 years’ experience; or equivalent combination of related education and work experience.

Ability to work both independently and as part of a collaborative team

Prior experience in one or more of the following:

Network Security Tools (e.g., firewall, web proxy, log servers)

Endpoint/Host Security Tools (e.g., Crowdstrike, CarbonBlack)

Security SIEM Tools (e.g., Splunk, CRIBL)

Securing Public Cloud Environments & Cloud Native Security Tooling (e.g., AWS, Azure, GCP)

Bachelor’s degree in Computer Science, Computer Engineering, or Cyber Security and 5-7 years of work experience, or equivalent combination of related education and work experience

Participates in efforts that tailor the company’s security policies for use in cloud environments.

Builds the infrastructure and tools needed for managing the day-to-day security operations for our data protection services. 

This includes but isn’t limited to automating security monitoring tools, log analytics, and enhancing InfoSec visibility in a hybrid cloud & on-prem environment.

Provides information security architecture and systems engineering consulting to other teams.

Stays current on emerging security threats, vulnerabilities, and controls as they pertain to our hybrid environment.

Must be able to be granted & hold a Secret clearance.

This position requires a minimum of 50% hybrid on-site.

Preferred Qualifications:

Hands-on experience with work as outlined in the position’s roles & responsibilities

Prior experience in one or more of the following:

Incident investigation

Packet brokers

Network intrusion detection

Experience with public cloud (AWS/Azure/GCP)

Python development knowledge

Crowdstrike Corporate administration experience

XSOAR (Security Orchestration & Automation) administration experience

SASE administration experience (e.g., ZScaler, Netskope, Prisma)

Minimum of 10 years of information security engineering experience

Able to demonstrate clear technical understanding of current cyber threats and how they can impact cloud and IT infrastructure

Ability to take initiative and accountability for achieving results

Identifies and implements new security technologies and best practices into cloud offerings

Evaluates new technologies against established requirements and validates the security of the technology

This requisition requires the candidate to have a minimum of the following clearance(s):

None

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Secret

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website, the EEO is the Law Poster, and Pay Transparency.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

Benefits information may be found here