Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

Department Summary:

The Cybersecurity Risk Management Department (A211) within the Global Security Services Division (A210) is looking to fill a Senior Information Systems Cyber Engineer position, with a focus on classified environments. The selected candidate will support multiple sponsors by providing Information Assurance and Cybersecurity services specifically for classified systems.

The ideal candidate will thrive in a fast-paced, collaborative environment, working with cutting-edge technology and contributing to advanced security concepts in classified settings. We seek a proactive individual to lead efforts in integrating security into large engineering projects and acquisition initiatives.

Success in this role requires expertise in a wide range of cybersecurity topics, including strategy, planning, policies, procedures, governance, management, protection, detection, mitigation, and cyber and military operations. Strong verbal and written communication skills are essential for presenting findings, making actionable recommendations, and sharing innovative ideas with Senior Government Sponsors

Roles & Responsibilities:

The Senior Information Systems Cyber Engineer provides technical support and engineering for a computing system’s technical posture operating in an isolated enclave consisting of high-performance computer environments as well as celestial and terrestrial labs. System architecture will adhere to strict information security guidelines established by the supported sponsor. The successful candidate will work closely with project engineers and security staff to maintain operations and security of multiple servers and workstations on a LAN or WAN. Demonstrate strong problem-solving skills to establish appropriate mitigation strategies to ensure systems are operated within security requirements. The successful candidate will design, install, configure, troubleshoot, and maintain client/server configurations to ensure confidentiality, integrity, and availability based on the security profile of each system. Manage user/computer accounts, active directory, group policy, networking equipment, firewalls, cryptographic equipment, secure telephone, and video telecommunications equipment. Responsible for establishing and maintaining a system or specific components of a system. Responsible for the analysis and development of the integration, testing, operations, and maintenance of a system’s security. Will assist during external security inspections and ensure compliance through Security Technical Implementation Guides and associated configuration requirements.

Responsibilities include:

• Work with project engineers and security staff to determine requirements for server, workstation, and network configurations/software. Independently plan rollouts, implementations, and maintenance of systems

• Setup, installation, and administration of Windows and Linux to include configuration management, logs/audits, disk volumes and network shares, networking configuration, credentials and authentication, backups, and centralized log monitoring

• Setup, install, configure, and optimize tools for monitoring and cybersecurity defense, including Splunk, Trillex, etc.

• Identify and recognize systemic system issues and troubleshoot/resolve remediation

• Provide end-user support to ensure systems are available and ready for intended use

• Assist ISSM/ISSO with coordination between sponsors, MITRE project leaders, and MITRE’s accreditation officials to obtain formal accreditation to operate classified information systems.

• Develop and maintain infrastructure in a mixed Linux and Windows environment

• Research new hardware / software products to acquire life cycle replacements and maintain software licenses to support project requirements and to comply with government regulations

• Apply best practices and RMF/STIG security controls to maintain the security of information systems processing classified information

• Maintain logs on workstations, servers, routers, firewalls, switches, etc. to include system upgrades

• Update servers, clients, applications, antivirus updates, maintain Active Directory, DNS, Continuous Monitoring logging, SCAP, ACAS, DLP, NIDS, HIDS, etc.

• Design group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs while considering all applicable DISA GPO configurations

• Develop and document systems administration standard operating procedures.

• Maintain baseline system security configuration according to organizational policies, DISA STIGs

• Manage accounts, network rights, and access to systems and equipment.

• Plan, execute, and verify data redundancy and system recovery procedures.

• Provide ongoing optimization and problem-solving support.

• Conduct periodic system maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing.

• Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.

• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.

• Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

• Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

• Work with stakeholders to resolve computer security incidents and vulnerability compliance.

• Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.

• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.

• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

• Ensure that plans of actions and milestones or remediation plans are addressed within established time periods to resolution

• Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.

• Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.

• Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).

• Other duties as assigned.

Basic Qualifications:

• Typically requires a minimum of 5 years of related experience with a Bachelor’s degree; or 3 years and a Master’s degree; or a PhD with relevant experience who can immediately contribute at this job step; or equivalent combination of related education and work experience.

• Active Top Secret/SCI clearance

• In accordance with DoD 8570.01M, the selected individual must meet the requirements of an IAT Level II as a condition of employment.

• On-site 5 days per week.

Preferred Qualifications:

• Active Top Secret/SCI/Polygraph clearance

• Experience installing, configuring, and administering Linux/Windows systems in an enterprise environment

• Experience with Windows Active Directory and/or Linux Identity Management environments

• Experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM. Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC). Knowledge of Information Assurance Vulnerability Alerts (IAVAs).

  This requisition requires the candidate to have a minimum of the following clearance(s):

Top Secret/SCI

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Top Secret/SCI/Polygraph

Work Location Type:

Onsite

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org .

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

Benefits information may be found here (https://careers.mitre.org/us/en/benefits)