Information Systems Security Manager
Lexington, MA

Job Description

Position Summary:

Information System Security Manager (ISSM) - IT IC Level 3

The Information System Security Manager (ISSM) - IT IC Level 3 (Collateral Information Systems) will provide information systems security support of several independent MIT Lincoln Laboratory programs at the Division/Department level, to include Laboratory operations and independent Laboratory research areas. The position will support the development and maintenance of the Laboratory's formal information systems (IS) security program with associated policies protecting classified and unclassified computer systems in a heterogeneous computing environment.

Core Responsibilties:

* Oversee the IS security program and policies for the assigned area of responsibility
* Facilitate and oversee the Authorization of Collateral Information Systems, Develop and maintain System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
* Manage the security configuration and advise changes to collateral classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows
* Ensure system information is protected while operated, maintained, and disposed of in accordance with organization security policies and procedures
* Coordinate and participate in the investigation and mitigation of information system adverse events, ensuring measures are taken to report, respond, and remediate IS incidents and spillages
* Advise system owners of current cyber security policies and concepts when designing, procuring, adopting, and developing systems throughout the system life cycle
* Ensure audit records are collected and analyzed in accordance with the SSP
* Lead efforts to conduct network, system, and application vulnerability scanning, configuration assessment, risk assessment, continuous monitoring, and remediation
* Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
* Implement an effective IS security education, training, and awareness program, to include providing training
* Lead efforts to prepare for and participate in periodic organization compliance assessments
* Ensure account management occurs and related documentation is complete and updated
* Ensure configuration management is documented (change tracking, maintenance logs, etc.)

Core Responsibilties Con't

* Serve as a voting member of the Configuration Control Board (CCB)
* Oversee assigned Information System Security Officers (ISSOs) to follow established IS policies and procedures
* Will establish and maintain configuration management policies and procedures.
* Will ensure users and ISSOs are subject to an effective IS security education, training, and awareness program.
* Assume ISSO responsibilities in the absence of the ISSO and respond to off-hour emergencies as needed

Requirements:

* Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or relevant work experience or related field is required
* 5-7+ years of IT security experience in DoD Industrial Security is strongly desired
* Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience
* Familiarity with Risk Management Framework (RMF), NISPOM Chapter 8, DAAPM, NIST SP 800-53r4 and other associated NIST publications is desired
* Technical experience and skills in securing multiple operating systems such as Windows Server and clients, Linux, Solaris, and virtualization technologies
* Ability to achieve DoD 8570 IAM Level II Baseline Certification within 6 months of appointment; preferably candidate possesses ISC2 CISSP
* Demonstrated capabilities in presenting ideas written and orally within a cross-functional environment required
* Prior experience working in a collaborative team environment desired
* Prior experience working with SIPRNet or other classified government networks is desired
* Position may require some local and overnight travel
* The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information including compartmented programs
* The ability to obtain and maintain a government (DoD) Top Secret security clearance is required

For Benefits Information, click http://hrweb.mit.edu/benefits

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.

Requisition ID: 26457