Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us.

The Global Security Services is looking to fill a Lead Information Systems Cyber Engineer position, with a focus on unclassified environments within the Enterprise Technology (ET). The selected candidate will ensure NIST SP 800-171 and CMMC L1/L2 compliance requirements are met for all Corporate unclassified assets. 

The ideal candidate will thrive in a fast-paced, collaborative environment, working with cutting-edge technology and contributing to advanced security concepts for unclassified systems that store, process or transmit Controlled Unclassified Information (CUI) . We seek a proactive individual to lead efforts in integrating security and compliance into both on-premise and cloud-based systems, applications and services.

Roles & Responsibilities:

Ability to direct projects and assign, communicate tasks effectively to junior staff. 

Communicate effectively with senior department management; weekly status reports, problem/issue escalations.

Build effective working relationships with InfoSec, Enterprise Technology (ET) staff, ET management regarding compliance policies/procedures and implementation.

Lead the strategy on responding to Cyber Operational Readiness Assessments, etc., improve risk ratings, and develop strategic plans for overall assessment procedures, policies, etc.

Partner with System Administrators and InfoSec to improve on process, policies protecting assets.

Provide Compliance subject matter expertise to internal supporting the security and protection of new and existing technologies.

Maintain operational security posture for all Corporate ET information systems. 

Apply Cybersecurity policies, principles, and techniques to maintain security integrity of information systems processing Controlled Unclassified Information (CUI).

Utilize security tools to enhance protection of information systems and data.

Improve compliance documentation, documentation maintenance/modifications.

Basic Qualifications:

Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or a PhD with 3 years’ experience; or equivalent combination of related education and work experience.

Active Secret level security clearance or ability to obtain Secret level security clearance.

Experience with Risk Management Framework (RMF), NIST SP 800-53, NIST SP 800-171, NIST SP 800-171A, DHS 4300A, CMMC L1 & L2 compliance, Security Technical Implementation Guides (STIGs).

Maintain operational security posture to ensure information systems security policies, standards, and procedures are established and followed. Recommend and implement security controls based on cybersecurity principles and tenets including NIST SP 800-171, NIST SP 800-171A NIST SP 800-53, DHS 4300A as required.

Conduct comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an IT system to determine the overall effectiveness of the controls.

Provide configuration management (CM) oversight for information system security software, hardware, and firmware. Manage security-related changes to information systems and assess the security impact of those changes to security architecture.

Assist Enterprise Technology (ET) staff in the creation and review of control implementation response documentation in Compass.

This position requires a minimum of 50% hybrid on-site work schedule

Preferred Qualifications:

Performs vulnerability/risk assessment analysis.  Executes credentialed vulnerability scans using Nessus; analyzes, interprets, and generates reports on results.

Perform system log audits. Be the Subject Matter Expert (SME) for all logging activities (log, track, and report) in all information systems.

Working knowledge of tools used within the compliance team including: CrowdStrike, CyberArk, Axonius, Compass, InfoBlox, Splunk

This requisition requires the candidate to have a minimum of the following clearance(s):

Secret

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Secret

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster and Pay Transparency.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.

Copyright © 2025, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

\nBenefits information may be found here