MITRE

Lead Information Security Engineer

MITRE, Bedford, Massachusetts, US, 01730


Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

MITRE InfoSec is the organization responsible for the unclassified information security program within MITRE. Our protection of MITRE covers both Operational and Services functions, ensuring an industry-leading, comprehensive security and risk management program.

Roles & Responsibilities:

Security engineer provides cyber security expertise by developing and architecting security solutions that enhance MITRE’s on-prem and cloud services security posture.
Security engineer provides hands-on technical engineering to improve defensive and detective capabilities by evaluating security services and technologies as well as conducting assessments of actively deployed environments.
Provide security application administration and support to ensure availability, performance, and security of systems.
Gathering and building consensus on security product requirements and running product evaluations to ensure MITRE finds the right tools for its needs.
Evaluating, deploying, and maintaining COTS software along with open source and specialized home-grown tools.
Supporting the InfoSec Monitoring & Response team during incident response investigations.

Basic Qualifications:

Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or a PhD with 3 years’ experience; or equivalent combination of related education and work experience.
Ability to work both independently and as part of a collaborative team.
Prior experience in one or more of the following:
  Network Security Tools (e.g., firewall, web proxy, log servers)
  Endpoint/Host Security Tools (e.g., CrowdStrike, CarbonBlack)
  Security SIEM Tools (e.g., Splunk, Cribl)
  Securing Public Cloud Environments & Cloud Native Security Tooling (e.g., AWS, Azure, GCP)
Bachelor’s degree in Computer Science, Computer Engineering, or Cyber Security and 5-7 years of work experience, or equivalent combination of related education and work experience.
Participates in efforts that tailor the company’s security policies for use in cloud environments.
Builds the infrastructure and tools needed for managing the day-to-day security operations for our data protection services, including but not limited to automating security monitoring tools, log analytics, and enhancing InfoSec visibility in a hybrid cloud & on-prem environment.
Provides information security architecture and systems engineering consulting to other teams.
Stays current on emerging security threats, vulnerabilities, and controls as they pertain to our hybrid environment.
Must be able to be granted & hold a Secret clearance.
This position requires a minimum of 50% hybrid on-site.

Preferred Qualifications:

Hands-on experience with work as outlined in the position’s roles & responsibilities.
Prior experience in one or more of the following:
  Incident investigation
  Packet brokers
  Network intrusion detection
Experience with public cloud (AWS/Azure/GCP)
Python development knowledge.
CrowdStrike Corporate administration experience.
XSOAR (Security Orchestration & Automation) administration experience.
SASE administration experience (e.g., Zscaler, Netskope, Prisma).
Minimum of 10 years of information security engineering experience.
Able to demonstrate clear technical understanding of current cyber threats and how they can impact cloud and IT infrastructure.
Ability to take initiative and accountability for achieving results.
Identifies and implements new security technologies and best practices into cloud offerings.
Evaluates new technologies against established requirements and validates the security of the technology.

This requisition requires the candidate to have a minimum of the following clearance(s):

None

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Secret

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.

Copyright 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
