MIT Lincoln Laboratory
Cyber Security Manager
MIT Lincoln Laboratory, Lexington, Massachusetts, United States, 02173
Select how often (in days) to receive an alert:
JOIN OUR TALENT NETWORK
Cyber Security Manager
Apply now
Date:
Nov 7, 2024
Location:Lexington, MA, US
Company:MIT Lincoln Laboratory
Position DescriptionThe Cyber Security Vulnerability Management Team Lead will provide leadership and direction in the day-to-day management of the vulnerability assessment, tracking, and remediation efforts to the Laboratory Cyber Security Vulnerability Management Infrastructure. The Cyber Security VM Team Lead will provide oversight, technical leadership and vision, with respect to operations of the Laboratory vulnerability management process, ensuring adherence to industry standards.These responsibilities include: facilitating design reviews for proposed solutions; providing recommendations on viability; implementation strategies and optimal implementation of solutions; demonstration of expert level knowledge of vulnerability remediation strategies; ensuring changes to security infrastructures are made with optimal security standards and best practices in mind; setting strategic and technical direction following industry standards and security best practices.Vulnerability AssessmentImplement, maintain, and document enterprise vulnerability assessment systems and business processesCreate procedures and customized scan configurations appropriate for the desired performance and accuracyPerform scheduled scans of Laboratory DoD classified and unclassified networks with minimal impact to usersProvide custom vulnerability reporting for SSD, ISD, and Group Administrators as required.Review and analyze vulnerability results and monitor remediation efforts in coordination with ISD Management and Systems AdministratorsConduct all types of Web applications security testing, including those indicated in the OWASP testing guide
General Security ProjectsPerform Security Reviews to assess security best practices are adopted for Laboratory deployment projectsAssist in evaluating potential security tools, devices, or methodsDevelop project plans, architecture diagrams, requirement documentation, test plans, change requests, and communication to usersSecurity Infrastructure OperationsResponsible for day-to-day support and maintenance of vulnerability assessment systems (e.g. Vulnerability Assessment Scanners & Management System, ACAS and Antivirus/malware scanning systems)Duties include but are not limited to system troubleshooting, vendor coordination, budgeting, capacity planning, OS patching and updatingAssess and report on operational readiness of enterprise systems through vulnerability scanning, configuration management tools and log analysis (e.g. Nessus, Tufin and Splunk)Monitor performance metrics and log data for continuous improvement and tuning to match current threatsMaintain and update documentation, including standard operating proceduresAssist other team members by acting as secondary support role of various security systems
Communication & CollaborationDocument and track actions to ensure accurate timeline of events is availableCoordinate efforts among analyst to enhance mitigation efforts and avoid duplication of effortsCoordinate with Security Services Department on threat impact, nature and potential scopeDevelop and publish detailed Vulnerability Assessment reports as required
Threat AssessmentAssist the Threat Assessment team with determination of threat level and action to be performed on systems of interest, e.g. through vulnerability scanning or configuration management reportingIdentify ways to mitigate future risk to the LaboratoryRecommend escalation of systems of interest for policy violations and risk to the threat assessment team
This position is under general supervision of the Cyber Security Sector ManagerThis position does not have direct financial responsibility. However, technical expertise may be required for assisting with product selection.This position will maintain frequent contact with internal department and/or Laboratory user community as well as external vendors to maintain communications related to project execution.Requirements:Knowledge and Skills RequiredStrong working knowledge of various enterprise network and standalone security systems and technologies - including vulnerability assessment to include ACAS, configuration management and auditing, intrusion protection, firewalls, anti-virus, laptop encryption, and digital forensics15+ years' experience in the information technology field8+ years' experience specifically in the information security fieldProven operational support experience with design and management of vulnerability assessment environments including Tenable Nessus and Security CenterUse of advanced options of common discovery and assessment tools such as Nmap, OpenSSL and NetcatConfiguration auditing and/or monitoring using Nessus and Tufin and/or other configuration management toolsUse of various network security systems to assist in the investigation of security anomalies and incidentsKnowledge of penetration testing and vulnerability assessment strategiesIAT Level II DoD Approved Baseline CertificationAbility to obtain and maintain a government security clearance
PreferredBachelor's Degree in Computer Science, Information Technologies, Engineering or equivalent experienceGSEC, GCIH, CISSP or equivalent certificationProven ability to script in Perl or PythonKnowledge of Department of Defense and FISMA requirements is preferredExperience with DoD ACAS and/or HBSS systems is preferredWorking knowledge of NIST security controlsITIL v3/v4 Foundation experience and/or certification
Occasional off-hour/on-call support is necessary.A certain degree of flexibility of schedule is required as some work (planned/unplanned) must be done outside of major production hours during pre-scheduled maintenance windows.Additional InformationThis position requires an individual with excellent communication (both oral and writing) and organizational skills. The individual must be able to work in a fast-paced environment at times with minimal supervision and execute project and administrative tasks with a high degree of quality, while following existing processes, and establishing new operational procedures and best practices where necessary. Additionally, the position requires the ability to work with members of other teams and staff to all necessary department and organizational goals.#CJAt MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include:Comprehensive health, dental, and vision plansMIT-funded pensionMatching 401KPaid leave (including vacation, sick, parental, military, etc.)Tuition reimbursement and continuing education programsMentorship programsA range of work-life balance options... and much more!
Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage ofother voluntary benefits, discounts and perks.Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.Requisition ID:
40535
Nearest Major Market:
Boston
Job Segment:Cyber Security, DoD, Defense, Security Clearance, Laboratory, Security, Government, Science
Apply now
Find similar jobs:
JOIN OUR TALENT NETWORK
Cyber Security Manager
Apply now
Date:
Nov 7, 2024
Location:Lexington, MA, US
Company:MIT Lincoln Laboratory
Position DescriptionThe Cyber Security Vulnerability Management Team Lead will provide leadership and direction in the day-to-day management of the vulnerability assessment, tracking, and remediation efforts to the Laboratory Cyber Security Vulnerability Management Infrastructure. The Cyber Security VM Team Lead will provide oversight, technical leadership and vision, with respect to operations of the Laboratory vulnerability management process, ensuring adherence to industry standards.These responsibilities include: facilitating design reviews for proposed solutions; providing recommendations on viability; implementation strategies and optimal implementation of solutions; demonstration of expert level knowledge of vulnerability remediation strategies; ensuring changes to security infrastructures are made with optimal security standards and best practices in mind; setting strategic and technical direction following industry standards and security best practices.Vulnerability AssessmentImplement, maintain, and document enterprise vulnerability assessment systems and business processesCreate procedures and customized scan configurations appropriate for the desired performance and accuracyPerform scheduled scans of Laboratory DoD classified and unclassified networks with minimal impact to usersProvide custom vulnerability reporting for SSD, ISD, and Group Administrators as required.Review and analyze vulnerability results and monitor remediation efforts in coordination with ISD Management and Systems AdministratorsConduct all types of Web applications security testing, including those indicated in the OWASP testing guide
General Security ProjectsPerform Security Reviews to assess security best practices are adopted for Laboratory deployment projectsAssist in evaluating potential security tools, devices, or methodsDevelop project plans, architecture diagrams, requirement documentation, test plans, change requests, and communication to usersSecurity Infrastructure OperationsResponsible for day-to-day support and maintenance of vulnerability assessment systems (e.g. Vulnerability Assessment Scanners & Management System, ACAS and Antivirus/malware scanning systems)Duties include but are not limited to system troubleshooting, vendor coordination, budgeting, capacity planning, OS patching and updatingAssess and report on operational readiness of enterprise systems through vulnerability scanning, configuration management tools and log analysis (e.g. Nessus, Tufin and Splunk)Monitor performance metrics and log data for continuous improvement and tuning to match current threatsMaintain and update documentation, including standard operating proceduresAssist other team members by acting as secondary support role of various security systems
Communication & CollaborationDocument and track actions to ensure accurate timeline of events is availableCoordinate efforts among analyst to enhance mitigation efforts and avoid duplication of effortsCoordinate with Security Services Department on threat impact, nature and potential scopeDevelop and publish detailed Vulnerability Assessment reports as required
Threat AssessmentAssist the Threat Assessment team with determination of threat level and action to be performed on systems of interest, e.g. through vulnerability scanning or configuration management reportingIdentify ways to mitigate future risk to the LaboratoryRecommend escalation of systems of interest for policy violations and risk to the threat assessment team
This position is under general supervision of the Cyber Security Sector ManagerThis position does not have direct financial responsibility. However, technical expertise may be required for assisting with product selection.This position will maintain frequent contact with internal department and/or Laboratory user community as well as external vendors to maintain communications related to project execution.Requirements:Knowledge and Skills RequiredStrong working knowledge of various enterprise network and standalone security systems and technologies - including vulnerability assessment to include ACAS, configuration management and auditing, intrusion protection, firewalls, anti-virus, laptop encryption, and digital forensics15+ years' experience in the information technology field8+ years' experience specifically in the information security fieldProven operational support experience with design and management of vulnerability assessment environments including Tenable Nessus and Security CenterUse of advanced options of common discovery and assessment tools such as Nmap, OpenSSL and NetcatConfiguration auditing and/or monitoring using Nessus and Tufin and/or other configuration management toolsUse of various network security systems to assist in the investigation of security anomalies and incidentsKnowledge of penetration testing and vulnerability assessment strategiesIAT Level II DoD Approved Baseline CertificationAbility to obtain and maintain a government security clearance
PreferredBachelor's Degree in Computer Science, Information Technologies, Engineering or equivalent experienceGSEC, GCIH, CISSP or equivalent certificationProven ability to script in Perl or PythonKnowledge of Department of Defense and FISMA requirements is preferredExperience with DoD ACAS and/or HBSS systems is preferredWorking knowledge of NIST security controlsITIL v3/v4 Foundation experience and/or certification
Occasional off-hour/on-call support is necessary.A certain degree of flexibility of schedule is required as some work (planned/unplanned) must be done outside of major production hours during pre-scheduled maintenance windows.Additional InformationThis position requires an individual with excellent communication (both oral and writing) and organizational skills. The individual must be able to work in a fast-paced environment at times with minimal supervision and execute project and administrative tasks with a high degree of quality, while following existing processes, and establishing new operational procedures and best practices where necessary. Additionally, the position requires the ability to work with members of other teams and staff to all necessary department and organizational goals.#CJAt MIT Lincoln Laboratory, our exceptional career opportunities include many outstanding benefits to help you stay healthy, feel supported, and enjoy a fulfilling work-life balance. Benefits offered to employees include:Comprehensive health, dental, and vision plansMIT-funded pensionMatching 401KPaid leave (including vacation, sick, parental, military, etc.)Tuition reimbursement and continuing education programsMentorship programsA range of work-life balance options... and much more!
Please visit our Benefits page for more information. As an employee of MIT, you can also take advantage ofother voluntary benefits, discounts and perks.Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.Requisition ID:
40535
Nearest Major Market:
Boston
Job Segment:Cyber Security, DoD, Defense, Security Clearance, Laboratory, Security, Government, Science
Apply now
Find similar jobs: