Information System Security Officer

About The Position

Requirements

• Secret Clearance with the ability to obtain and maintain a Top-Secret clearance.
• Must be a U.S. Citizen.
• Successfully pass a background check and must meet all eligibility requirements for access to classified information.
• BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is preferred
• A minimum of 4 years of IT security experience in DoD Industrial Security is preferred
• Possess a DoD 8570.01-M IAM I baseline certification (e.g. CompTIA Security+), or be able to obtain one within 6 months of hire
• Technical experience, skills, and course work completed towards an Undergraduate Degree, or industry IT certifications may be considered in lieu of education or DoD security experience requirements
• Familiarity with the NISPOM, DAAPM, and NIST RMF is required
• Experience and familiarity with multiple operating systems such as Windows Server 2012 and 2016, Windows 7 and 10, Red Hat Enterprise Linux, Ubuntu, Mac, etc.
• Demonstrated experience with vulnerability scanning and auditing tools and processes is required
• Excellent written and verbal communication skills are required

Nice To Haves

• Experience with virtualization technologies is preferred
• Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs is highly desired
• Strong interpersonal skills and be able to manage stress in a professional manner.
• Knowledgeable in computer security principles and policies, to include the Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense Counterintelligence Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM).
• Strong technical skills and be able to respond to off-hours emergencies.
• Position requires occasional local and overnight travel.

Responsibilities

• Provide information systems security support to several independent MIT Lincoln Laboratory programs.
• Assist in the security configuration and management of collateral classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows.
• Assist the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
• Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.
• Collect, analyze, and store system audit records.
• Track audit findings and recommendations to ensure appropriate mitigation actions are taken.
• Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
• Prepare for and participate in periodic organization compliance assessments.
• Ensure account management documentation is complete and updated.
• Maintain configuration management documentation (change tracking, maintenance logs, etc.).
• Serve as a member of the Configuration Control Board (CCB) as needed.

Benefits

• Comprehensive health, dental, and vision plans
• MIT-funded pension
• Matching 401K
• Paid leave (including vacation, sick, parental, military, etc.)
• Tuition reimbursement and continuing education programs
• Mentorship programs
• A range of work-life balance options