The MITRE Corporation
Chief of Cyber Operations
The MITRE Corporation, Mc Lean, Virginia, us, 22107
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.
Department Summary:
Join MITRE’s corporate Information Security team and be at the forefront of security operations. Take the lead in defending MITRE against everything from fraud to ransomware to Advanced Persistent Threats (APT). Working for the CISO and with other senior InfoSec leaders, provide strategic and tactical guidance to continuously improve MITRE’s protect, detect, and respond triad. Lead a threat informed defense - go beyond mere technology and tools to develop and use current and new practices like threat sharing, deception, and advanced research into adversary behavior. Experienced, motivated, self-starting, continuously learning candidates will enjoy working in a tight-knit team and having the ability to influence the direction of our cyber defense capabilities.
We are seeking a Department Manager to lead and grow the Cyber Operations of our Information Security team. The DM will be responsible for refining the department’s mission, vision, and goals; and setting the technical direction of the Department's capabilities. The Department Manager will be responsible for attracting, developing, and retaining an outstanding workforce. The department manager will also oversee all aspects of project and department performance, technical quality, development, and budget.
Roles and Responsibilities:
Technical Leadership
Ensure the execution of services responsible for the cyber defense of MITRE.
Practice threat informed defense – promote effectiveness and efficiency through systematic prioritization of security threats, vulnerabilities, and other issues.
Promote technical quality - assess quality of InfoSec operations and related work including detection and control effectiveness, training and awareness, incident monitoring and response, and threat intelligence
Represent InfoSec Operations needs with the Chief Engineers to integrate key security drivers; business strategy and need, contractual compliance, security and defensive operations to develop a consistent and coherent approach to security across MITRE:
Contribute to InfoSec’s program of active engagement with CIO projects, specializing on those which impact security operations, and ensuring new IT is integrated into the security architecture designed for the protection, detection, and reaction tools.
Facilitate innovation and research by being an integration point between InfoSec and CIO innovation programs, work program initiatives, the MITRE IR&D Program, and other innovation efforts.
Lead the evolution of InfoSec’s defensive security architecture, monitoring and incident response operations, and our threat sharing and analysis work.
Partnership
Foster integration and collaboration with the corporate IT functions
Share lessons learned and operational insights with other MITRE cyber practitioners, researchers, and MITRE’s customers
Promote cyber community enhancing practices such as threat sharing, ISAC participation, etc.
Staff Development
Define strategy and execution for recruiting and hiring
Promote InfoSec mentoring, especially for specialized operational skills
Lead performance calibration and division development goal setting.
Foster an environment of innovation, technical leadership, collaboration, camaraderie, and technical quality.
Ensure department staff stay current in their knowledge of emerging trends and technologies through training and strategic staffing.
Ensures delivery of regular, constructive feedback and developmental support to staff
Basic Qualifications:
In depth experience with security group operations, including areas such as continuous monitoring of systems and alarms, incident response, workflow management, etc.
Typically requires a minimum of 12 years of related experience with a Bachelor’s degree; or 10 years and a Master’s degree; or a PhD with 7 years’ experience; or equivalent combination of related education and work experience.
Extensive experience and expertise with cyber operations theory, approaches, and supporting technologies including threat informed defense, cyber deception, cyber threat analysis and information sharing
Experience, thorough familiarity with, and demonstrated success understanding and staying technically current in multiple key security areas such as:
Defending corporate perimeters and Internet facing systems, both on prem and cloud
Defending user workstations in a variety of configurations including and zero trust
Next gen technology such as application aware firewalls, EDR, Zero Trust.
Strong analytical skills. Demonstrated ability to decompose complex technical problems into manageable portions, identify driving factors in technical decisions
Extensive experience with operational design and tradeoffs balancing interests of business need and risk tolerance
Experience with operational security product and service evaluations
Demonstrated success in leading deeply technical InfoSec teams
Demonstrated success working with people and coaching talent
Strong technical writing, editing, and presentation skills including demonstrated ability to articulate complex technical topics and recommendations
The ability to obtain and maintain a Secret Clearance
This position requires a minimum of 50% hybrid on-site
Preferred Qualifications:
Demonstrated track record in building strong internal and external partnerships.
Familiarity with non-operational corporate information security practices, including policy and governance, user training and education, and risk management
Familiarity with MITRE organizational structure, management practices, work programs, and corporate strategy
MITRE Site locations are being considered however being connected to one of the campuses would be a strong preference. This role will need to participate in team building, liaison work, and other job responsibilities which could require a candidate based at a site location to incur a high amount of travel.
Top Secret Clearance
Our culture is a tangible asset that endures through our people and leaders. At MITRE, our leaders must also demonstrate and continually develop a consistent set of shared Leadership Competencies:
Lead with a Strategic Mindset: Drives alignment across MITRE to achieve our mission by engaging across and beyond the enterprise, making and executing decisions, and activating the Good Growth Strategy.
Create Value: Takes a broad approach to solving complex problems using a national and global lens. Unleashes the full capabilities of our people in a relentless pursuit of innovative solutions that are scalable, equitable, transferable, and sustainable.
Cultivate Inclusion: Creates an environment and opportunities, built on trust, where people can be their whole authentic self, feeling welcomed, supported, engaged, and respected for who they are and what they contribute to the organization. Embraces and engages all dimensions of diversity to exponentially expand MITRE’s impact in solving problems for a safer world.
Communicate for Impact: Conveys powerful messages tailored to the unique needs of stakeholders—and desired outcomes—in a style that engages and inspires action. Exemplifies active listening to foster collaboration, understanding, and alignment.
Commit to Action and Outcomes: Holds self and others accountable for acting on and achieving established objectives. Exemplifies cultural attributes while executing and delivering impactful outcomes.
This requisition requires the candidate to have a minimum of the following clearance(s):
None
This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
Top Secret
Work Location Type:
Hybrid
MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org .
Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
Benefits information may be found here (https://careers.mitre.org/us/en/benefits)
Department Summary:
Join MITRE’s corporate Information Security team and be at the forefront of security operations. Take the lead in defending MITRE against everything from fraud to ransomware to Advanced Persistent Threats (APT). Working for the CISO and with other senior InfoSec leaders, provide strategic and tactical guidance to continuously improve MITRE’s protect, detect, and respond triad. Lead a threat informed defense - go beyond mere technology and tools to develop and use current and new practices like threat sharing, deception, and advanced research into adversary behavior. Experienced, motivated, self-starting, continuously learning candidates will enjoy working in a tight-knit team and having the ability to influence the direction of our cyber defense capabilities.
We are seeking a Department Manager to lead and grow the Cyber Operations of our Information Security team. The DM will be responsible for refining the department’s mission, vision, and goals; and setting the technical direction of the Department's capabilities. The Department Manager will be responsible for attracting, developing, and retaining an outstanding workforce. The department manager will also oversee all aspects of project and department performance, technical quality, development, and budget.
Roles and Responsibilities:
Technical Leadership
Ensure the execution of services responsible for the cyber defense of MITRE.
Practice threat informed defense – promote effectiveness and efficiency through systematic prioritization of security threats, vulnerabilities, and other issues.
Promote technical quality - assess quality of InfoSec operations and related work including detection and control effectiveness, training and awareness, incident monitoring and response, and threat intelligence
Represent InfoSec Operations needs with the Chief Engineers to integrate key security drivers; business strategy and need, contractual compliance, security and defensive operations to develop a consistent and coherent approach to security across MITRE:
Contribute to InfoSec’s program of active engagement with CIO projects, specializing on those which impact security operations, and ensuring new IT is integrated into the security architecture designed for the protection, detection, and reaction tools.
Facilitate innovation and research by being an integration point between InfoSec and CIO innovation programs, work program initiatives, the MITRE IR&D Program, and other innovation efforts.
Lead the evolution of InfoSec’s defensive security architecture, monitoring and incident response operations, and our threat sharing and analysis work.
Partnership
Foster integration and collaboration with the corporate IT functions
Share lessons learned and operational insights with other MITRE cyber practitioners, researchers, and MITRE’s customers
Promote cyber community enhancing practices such as threat sharing, ISAC participation, etc.
Staff Development
Define strategy and execution for recruiting and hiring
Promote InfoSec mentoring, especially for specialized operational skills
Lead performance calibration and division development goal setting.
Foster an environment of innovation, technical leadership, collaboration, camaraderie, and technical quality.
Ensure department staff stay current in their knowledge of emerging trends and technologies through training and strategic staffing.
Ensures delivery of regular, constructive feedback and developmental support to staff
Basic Qualifications:
In depth experience with security group operations, including areas such as continuous monitoring of systems and alarms, incident response, workflow management, etc.
Typically requires a minimum of 12 years of related experience with a Bachelor’s degree; or 10 years and a Master’s degree; or a PhD with 7 years’ experience; or equivalent combination of related education and work experience.
Extensive experience and expertise with cyber operations theory, approaches, and supporting technologies including threat informed defense, cyber deception, cyber threat analysis and information sharing
Experience, thorough familiarity with, and demonstrated success understanding and staying technically current in multiple key security areas such as:
Defending corporate perimeters and Internet facing systems, both on prem and cloud
Defending user workstations in a variety of configurations including and zero trust
Next gen technology such as application aware firewalls, EDR, Zero Trust.
Strong analytical skills. Demonstrated ability to decompose complex technical problems into manageable portions, identify driving factors in technical decisions
Extensive experience with operational design and tradeoffs balancing interests of business need and risk tolerance
Experience with operational security product and service evaluations
Demonstrated success in leading deeply technical InfoSec teams
Demonstrated success working with people and coaching talent
Strong technical writing, editing, and presentation skills including demonstrated ability to articulate complex technical topics and recommendations
The ability to obtain and maintain a Secret Clearance
This position requires a minimum of 50% hybrid on-site
Preferred Qualifications:
Demonstrated track record in building strong internal and external partnerships.
Familiarity with non-operational corporate information security practices, including policy and governance, user training and education, and risk management
Familiarity with MITRE organizational structure, management practices, work programs, and corporate strategy
MITRE Site locations are being considered however being connected to one of the campuses would be a strong preference. This role will need to participate in team building, liaison work, and other job responsibilities which could require a candidate based at a site location to incur a high amount of travel.
Top Secret Clearance
Our culture is a tangible asset that endures through our people and leaders. At MITRE, our leaders must also demonstrate and continually develop a consistent set of shared Leadership Competencies:
Lead with a Strategic Mindset: Drives alignment across MITRE to achieve our mission by engaging across and beyond the enterprise, making and executing decisions, and activating the Good Growth Strategy.
Create Value: Takes a broad approach to solving complex problems using a national and global lens. Unleashes the full capabilities of our people in a relentless pursuit of innovative solutions that are scalable, equitable, transferable, and sustainable.
Cultivate Inclusion: Creates an environment and opportunities, built on trust, where people can be their whole authentic self, feeling welcomed, supported, engaged, and respected for who they are and what they contribute to the organization. Embraces and engages all dimensions of diversity to exponentially expand MITRE’s impact in solving problems for a safer world.
Communicate for Impact: Conveys powerful messages tailored to the unique needs of stakeholders—and desired outcomes—in a style that engages and inspires action. Exemplifies active listening to foster collaboration, understanding, and alignment.
Commit to Action and Outcomes: Holds self and others accountable for acting on and achieving established objectives. Exemplifies cultural attributes while executing and delivering impactful outcomes.
This requisition requires the candidate to have a minimum of the following clearance(s):
None
This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
Top Secret
Work Location Type:
Hybrid
MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org .
Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
Benefits information may be found here (https://careers.mitre.org/us/en/benefits)