Cybersecurity Manager - Special Programs

The Security Department's overall mission is toidentifyand counter security threats to MIT Lincoln Laboratory's mission of development of game-changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. Toaccomplishthis mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a diverse and inclusive culture where security professionals from a wide range of backgrounds are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our mostimportant resource, and we encourage a casual and flexible opportunity-filled working environment that is technology-focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.

• Mission - The Security Services Department's (SSD) overall mission is to identify and counter security threats to the MIT Lincoln Laboratory's (MIT LL) mission of development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats
• Culture - We foster an inclusive, opportunity-filled environment of empowered team members from diverse backgrounds

• 
  

  The Cybersecurity Manager (Special Programs) reports to the Security Services Department Deputy Chief Information Security Officer (DCISO) and serves as the primary focal point and supervisor for a team of Information System Security Managers (ISSMs) and Information Systems Security Officers (ISSOs) in support of the Laboratory's primary research sponsor.

  
  
  
  
  • You will provide leadership, management, and direction to ensure effective execution of the Special Programs cybersecurity program.
  • You are responsible for closely monitoring and overseeing the application of security principles and policies, to include the Risk Management Framework (RMF); Joint Special Access Program (SAP) Implementation Guide (JSIG) or its replacement; Intelligence Community Directive 503 (ICD-503); and Security Technical Implementation Guides (STIGs).
  • You are responsibilities include the daily oversight, close supervision, and work direction of the team, as well as providing superior customer assistance to Laboratory stakeholders. This position requires in-depth technical knowledge of computer security principles and practices in order to manage a comprehensive cybersecurity program servicing a diverse enterprise environment of ESXi, Linux, UNIX, Sun, and Windows systems.
  • You will closely monitor and oversee the development and review of all System Security Plans (SSP) produced by the team, ensuring systems are operated, maintained, and disposed of appropriately.
  • You are accountable for the execution of security compliance audits, the results of Government compliance inspections, and security vulnerability assessments on Laboratory and Government information systems, ensuring action is taken to address vulnerabilities and Plans of Action and Milestones (POA&Ms) in a timely manner, and meeting both internal governance and external sponsor requirements.
  • You are responsible for ensuring configuration management and continuous monitoring policies and procedures are established and maintained
  • You are responsible for ensuring team members participate in an effective cybersecurity education, training and awareness program.
  • You will directly conduct prospective candidate screening and hiring actions, participate in personnel retention efforts for assigned staff, and conduct other supervisory duties as assigned including scheduling and conducting interviews and identifying opportunities for professional staff development.
  
  
  
  

• Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or related discipline required with a minimum of ten (10) years' experience working in the Information Security field, preferably within Special Access and Sensitive Compartmented Information Programs.
• Must have a minimum of seven (7) years' leadership and supervisory experience in a DoD or Industrial Security environment, with demonstrated security process maturity outcomes.
• Must have demonstrated knowledge and experience with the National Industrial Security Program with a detailed thorough understanding of the DoD SAP/SCI Community and Intelligence Community requirements and directives, to include in-depth knowledge of Risk Management Framework (RMF), JSIG, ICD 503, NIST SP 800-53 and other associated NIST publications.
• Possess strong organizational skills and the ability to work and establish priorities under pressure in a self-directed, multi-tasking, fast-paced work environment.
• Technical experience and skills in securing multiple operating systems such as Windows Server and clients, Linux, Solaris, and virtualization technologies.
• Strong knowledge of network environments and various network infrastructure products such as routers and switches, Firewall/VPN equipment and Data Loss Prevention strategies utilizing Endpoint Security solutions.
• Demonstrated capabilities in leading cross-functional teams and presenting ideas written and orally within a collaborative team environment is required.
• Demonstrated ability to multitask projects/programs and to redirect priorities as needed.
• Must have excellent interpersonal communication, organizational, and customer service skills.
• Must have excellent oral, written, and presentation skills.
• Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education requirements.
• Position may require local and some overnight travel.
• ***The selected candidate will be subject to a pre-employment background investigation and must possess a current in scope Top Secret level security clearance with compartmented program eligibility.

• Experience working as an ISSM for Special Access Programs.
• Experience leading cybersecurity teams through multiple Government Core Compliance Inspections (CCIs) with successful scores.
• Experience in relationship-building, team building, and excellent Government sponsor communication.
• Cybersecurity Management certifications, such as CISSP, CISM, or IT auditor certification, such as the CISA or GNSA. Other relevant certifications, including DODM 8140 baseline certifications are viewed favorably.

You will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, thrive and belong.

• Leadership: Room to advance on your team or to lead cross-functional projects.
• Growth Opportunities: Potential for lateral and vertical movement.
• Education/Training: Management training, mentorship, in-house and external courses.
• Exposure: Engagement with sponsors, stakeholders, Laboratory leadership and other Departments and Divisions.
• Community: Participation is encouraged for Laboratory social events, Employee Resource Groups (ERGs), clubs and study groups, volunteering and community service projects.