Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.
Department Summary:
Join MITRE’s corporate Information Security team and be at the forefront of security operations. Take the lead in defending MITRE against everything from fraud to ransomware to Advanced Persistent Threats (APT). Working for the CISO and with other senior InfoSec leaders, provide strategic and tactical guidance to continuously improve MITRE’s protect, detect, and respond triad. Lead a threat informed defense - go beyond mere technology and tools to develop and use current and new practices like threat sharing, deception, and advanced research into adversary behavior. Experienced, motivated, self-starting, continuously learning candidates will enjoy working in a tight-knit team and having the ability to influence the direction of our cyber defense capabilities.
We are seeking a Department Manager to lead and grow the Cyber Operations of our Information Security team. The Department Manager will be responsible for refining the department’s mission, vision, and goals, and for setting the technical direction of the department's capabilities. The Department Manager will be responsible for attracting, developing, and retaining an outstanding workforce. The Department Manager will also oversee all aspects of project and department performance, technical quality, development, and budget.
Roles and Responsibilities:
Technical Leadership
* Ensure the execution of services responsible for the cyber defense of MITRE.
* Practice threat informed defense – promote effectiveness and efficiency through systematic prioritization of security threats, vulnerabilities, and other issues.
* Promote technical quality - assess quality of InfoSec operations and related work including detection and control effectiveness, training and awareness, incident monitoring and response, and threat intelligence.
* Represent InfoSec Operations needs with the Chief Engineers to integrate key security drivers (business strategy and need, contractual compliance, security and defensive operations) to develop a consistent and coherent approach to security across MITRE.
* Contribute to InfoSec’s program of active engagement with CIO projects, specializing in those that impact security operations, and ensuring new IT is integrated into the security architecture designed for the protection, detection, and reaction tools.
* Facilitate innovation and research by being an integration point between InfoSec and CIO innovation programs, work program initiatives, the MITRE IR&D Program, and other innovation efforts.
* Lead the evolution of InfoSec’s defensive security architecture, monitoring and incident response operations, and our threat sharing and analysis work.
Partnership
* Foster integration and collaboration with the corporate IT functions.
* Share lessons learned and operational insights with other MITRE cyber practitioners, researchers, and MITRE’s customers.
* Promote cyber community enhancing practices such as threat sharing, ISAC participation, etc.
Staff Development
* Define strategy and execution for recruiting and hiring.
* Promote InfoSec mentoring, especially for specialized operational skills.
* Lead performance calibration and division development goal setting.
* Foster an environment of innovation, technical leadership, collaboration, camaraderie, and technical quality.
* Ensure department staff stay current in their knowledge of emerging trends and technologies through training and strategic staffing.
* Ensure delivery of regular, constructive feedback and developmental support to staff.
Basic Qualifications:
* In-depth experience with security group operations, including areas such as continuous monitoring of systems and alarms, incident response, workflow management, etc.
* Extensive experience and expertise with cyber operations theory, approaches, and supporting technologies including threat informed defense, cyber deception, cyber threat analysis and information sharing.
* Experience, thorough familiarity with, and demonstrated success understanding and staying technically current in multiple key security areas such as defending corporate perimeters and Internet facing systems, both on-prem and cloud.
* Defending user workstations in a variety of configurations including and zero trust.
* Next gen technology such as application aware firewalls, EDR, Zero Trust.
* Strong analytical skills. Demonstrated ability to decompose complex technical problems into manageable portions, identify driving factors in technical decisions.
* Extensive experience with operational design and tradeoffs balancing interests of business need and risk tolerance.
* Experience with operational security product and service evaluations.
* Demonstrated success in leading deeply technical InfoSec teams.
* Demonstrated success working with people and coaching talent.
* Strong technical writing, editing, and presentation skills including demonstrated ability to articulate complex technical topics and recommendations.
* The ability to obtain and maintain a Secret Clearance.
* This position requires a minimum of 50% hybrid on-site.
Preferred Qualifications:
* Demonstrated track record in building strong internal and external partnerships.
* Familiarity with non-operational corporate information security practices, including policy and governance, user training and education, and risk management.
* Familiarity with MITRE organizational structure, management practices, work programs, and corporate strategy.
* Typically requires a minimum of 7 years of related experience with an applicable Bachelor’s degree; or 5 years and an applicable Master’s degree, or equivalent combination of related education and work experience.
* MITRE site locations are being considered; however, being connected to one of the campuses would be a strong preference. This role will need to participate in team building, liaison work, and other job responsibilities which could require a candidate based at a site location to incur a high amount of travel.
* Top Secret Clearance.
Work Location Type: Hybrid
MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics.
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.