Information Systems Security Manager (ISSM) at MITRE

| San Antonio, TX
Sorry, this job was removed at 3:14 a.m. (CST) on Saturday, April 16, 2022
Find out who's hiring in San Antonio, TX.
See all Operations jobs in San Antonio, TX
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE-and make a difference with us.

The Information Systems Security Department (A211) in the Global Security Services Division (A210) is seeking to fill one Information System Security Manager position. Provides IT and IA support for a system or enclave's information assurance program through security authorization activities in compliance with Risk Management Framework (RMF). Maintains operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed. Performs vulnerability/risk assessment analysis to support Assessment & Authorization (A&A). Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).

Responsibilities include:
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defense trend analysis and reporting.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
  • Assess adequate access controls based on principles of least privilege and need-to-know.
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance.
  • Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks.
  • Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
  • Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
  • Provide secondary/tertiary FSO site support to include such duties occasional escorting, responding to after-hours alarms and physical security incidents.


Minimum Qualifications:
  • Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information or applicants who are eligible for security clearances.


Required Qualifications:
  • In accordance with DoD 8570.01M, the selected individual must meet the requirements of an IAM Level III as a condition of employment.
  • Strong interpersonal skills with effective verbal and written communication skills
  • Clear and structured thought processes and coherent decision-making skills
  • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to answer questions in a clear and concise manner.
  • Ability to ask clarifying questions.
  • Ability to function effectively in a dynamic, fast-paced environment
  • Motivation to expand knowledge and skills for self and others
  • BS in Computer Science/Cybersecurity/Information Technology or equivalent field of study and 5 years related experience
  • Possess and maintain an active Secret level security clearance


PreferredQualifications:
  • SME in network performance engineering, advanced data transport, secure networking, embedded networking, NIST SP 800-53, NIST SP 800-171
  • Proven success with recruiting and retaining technical talent
  • Proven success building relationships with partners and stakeholders
  • MS in Computer Science/Cybersecurity/Information Technology or equivalent field of study and 8 years related experience
  • Possess and maintain a Top Secret level security clearance


This requisition requires the candidate to have a minimum of the following clearance(s):
Secret

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
Top Secret

MITRE requires all employees to be fully vaccinated against COVID-19. Newly hired employees must be fully vaccinated prior to their employment start date. MITRE will provide reasonable accommodation to those with a medical condition, disability or a sincerely held religious belief that prevents them from receiving a vaccine so long as it does not create an undue hardship for MITRE and/or does not pose a direct threat to the health or safety of the employee or others in the workplace.

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster , EEO is the Law Poster-Supplement and Pay Transparency .

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please contact MITRE's Recruiting Help Line at 703-983-8226 or email at [email protected]

Copyright © 1997-2021, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
Benefits information may be found here
More Information on MITRE
MITRE operates in the Healthtech industry. The company is located in McLean, VA and Bedford, MA. MITRE was founded in 1958. It has 9188 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance. To see all 20 open jobs at MITRE, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView MITRE's full profileFind similar jobs