Sign In
 [New User? Sign Up]
Mobile Version

Sr. Cyber Security Engineer

MITRE


Location:
Bedford, MA
Date:
02/05/2018
2018-02-052018-03-17
MITRE
  •  
  • Save Ad
  • Email Friend
  • Print

Job Details

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challengesand we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every dayworking for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITREand make a difference with us.


 


Join MITRE InfoSecs fast paced Architecture & Engineering team and be at the forefront of security management in technology deployments. Take the lead in helping MITRE demonstrate technical innovation while preserving corporate defenses against Advanced Persistent Threats (APT). Become MITREs threat based security expert for specific current and emerging technologies including in the areas of mobility, cloud, and collaboration. Motivated, self-starting, continuously learning candidates will enjoy the best of both working in a tight-knit team and having individual responsibility and independence.


 


Key Functions of the Role


  • Lead security reviews of Internet facing prototypes and services


  • Guide corporate IT: co-engineering secure corporate architectures and systems


  • Advise sponsor projects on how to implement strong, MITRE compliant security


  • Assess the security and/or vulnerability of deployed systems using tools and adversary Tactics, Techniques, and Procedures (TTPs)


  • Assess the security and privacy posture of MITRE vendors


  • Collaborate with / advise Sponsors or sponsor-related projects in areas of technical expertise


Minimum Qualifications


BS and 3 years of related experience


 


Required Qualifications


  • Network level security knowledge (e.g., firewalls, VLANs, SSL/TLS)


  • Host level security knowledge (e.g., Windows, Mac OS, and/or *nix)


  • Understanding of Confidentiality, Integrity, and Availability concepts and how IT security practices improve them

     

Preferred Qualifications


  • Familiarity with risk management methodology, evaluating risks against business requirements, determining probability and impact of weaknesses based on knowledge of the system or environment and TTPs used by adversaries that target MITRE


  • Mobile security knowledge (e.g., use of sandbox applications, brokered/virtualization options, device security, bring your own device (BYOD) considerations, MDM familiarity, iOS/JAMF use)


  • Cloud deployment experience or cloud security knowledge with Azure or AWS


  • Familiarity with assessment tools such as Nessus, Security Center, Acunetix, Burp proxy, and nmap


  • Advanced Network level security knowledge (802.1x, MPLS, Layer7-aware devices)


  • Application level security knowledge (CWEs, SQL Injection, XSS, Buffer Overflows, etc.) and ability to manually test & create proof of concept exploits against a vulnerable application