Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

Department Summary:

The CI Assessments, Analytics, and Resiliency department is focused on defending and strengthening our nation’s critical infrastructure. We support a full range of defensive operations and activities including threat-informed risk assessment and mitigation, adversary hunting, and detection engineering with a special focus on operational technology (OT). It is the expertise in OT and knowledge of threats and security controls and technique that differentiates the department’s work from traditional information technology cybersecurity.The department also brings this specialized knowledge to other domains of security and safety engineering including resilience engineering and infrastructure susceptibility assessments. The department is continuously developing, refining, and tailoring capabilities to meet the needs and special requirements and constraints when working with operational technologies in critical infrastructure. The department moves the state of the art in securing CI by sharing our thought leadership both within and outside of MITRE via TEMs, conferences, presentations, and publications. This is how the CI Assessments, Analytics, and Resiliency department helps create a world with safe and resilient cyber infrastructure.

MITRE is a not-for-profit focused on impact, not revenue. Our mission-driven teams work across MITRE’s R&D centers in the federal civilian and national security space, partner with industry to solve hard problems, and collaborate with the public to build open-source software.

Job Description:

MITRE’s Cyber Infrastructure Protection Innovation Center is seeking a technical Capability Area Lead (CAL) for Critical Infrastructure Resiliency and Safety. The CAL will be a member of the department leadership team responsible for generating work, advising on technical capabilities, and mentoring in the area of Critical Infrastructure Resiliency and Safety. They will directly shape and impact sponsor relationships, staff, and the department as a whole. The CAL will be a member of the CI Assessments, Analytics, and Resiliency department. In addition to their focus on building Critical Infrastructure Resiliency and Safety capabilities, they will maintain expertise in Operational Technology, Control Systems, Mobile, or 5G cybersecurity.

This CAL will focus on work that ensures critical infrastructure operations can be done safely, securely, and reliably even in contested environments, through assessments, analysis, and engineering of applications, devices, communications, and supporting infrastructure. Critical Infrastructure owners vary greatly in their understanding of system design and associated risks. Using passive and active data collection methods, this CAL will understand how to perform system validation (e.g., identifying assets, data ingress/egress points, etc). and using available threat intelligence which will facilitate a systematic risk approach to remediating any identified gaps. Using formalized and repeatable assessments, cross-cutting gaps can be identified and prioritized for remediation, research, and innovation. The CAL will maintain an understanding of the current threat landscape and acquire/develop the training and tooling necessary to stay current on adversary TTPs.

Responsibilities include:

• Generating Impact and Value by leveraging deep technical and operational domain knowledge, cross-community partnerships, state-of-the-art labs and services, and world class staff to develop solutions and drive outcomes in support of our sponsors.

• Creating Impactful Work – CALs are our focal point for a technical capability area and are called upon to represent MITRE’s work to sponsors, vendors, and the larger cybersecurity community. CALs generate a vision for how MITRE’s work in the capability area should grow, advance, and have an impact on the ecosystem. CALs work with other business functions to develop and oversee research tasks which align with division-level strategies. CALs are expected to work with Technical Integrators (TIs) and Innovation Area Leaders (IALs) to help shape ideation. CALs will suggest when MITRE should enter or transition out of a specific technology space to ensure MITRE continues to focus on impactful projects.

• Develop our people – CALs are uniquely positioned to develop opportunities for community growth in their capability areas through project work, on the job training, formal training and education, external partnerships, and mentoring.

• Advise across MITRE – CALs create and curate a community of professionals at MITRE that perform work in Critical Infrastructure Resiliency and Safety. CALs facilitate knowledge sharing across their community. They remain aware of multiple capability areas throughout the company and seek opportunities to integrate capabilities to drive impact for our sponsors. CALs collaborate with Project Leaders, Principal Investigators, Chief Engineers, TIs, and IALs across MITRE to move Critical Infrastructure Resiliency and Safety forward. CALs coordinate with Project Leaders to provide technical oversight and shape work.

• Represent MITRE externally – CALs will publicly represent MITRE and will coordinate with MITRE’s corporate communications, vendors, sponsors, and external partners to shape the larger ecosystem. CALs will be involved with recruitment of talent.

Basic Qualifications:

• Degree in Cybersecurity, Electrical Engineering, Computer Science, Computer Engineering, Chemical Engineering, Safety Engineering, or related field

• Requires a minimum of 10 years of related experience with a Bachelor’s degree; or 7 years and a Master’s degree; or a PhD with 4 years’ experience; or equivalent combination of related education and work experience.

• At least 10 years of professional experience in OT cybersecurity or a related field

• Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information or applicants who are eligible for security clearances.

• Familiarity with methodologies/processes for risk, safety, and failure analysis of process control systems and operational technologies (e.g., Process Hazard Analysis [PHA], Failure Modes, and Effects Analysis [FMEA], Consequence-Driven, Cyber-Informed Engineering [CCE], etc.)

• Expertise in Operational Technology cybersecurity

• Experience in conducting site assessments

• Experience in conducting tabletop exercises

• Willingness to work cross-functionally across MITRE divisions and externally to develop and generate impact within Critical Infrastructure Resiliency and Safety

• Able to obtain a Top Secret clearance

Preferred Qualifications:

• Familiarity with MITRE developed methodologies security and resilience analysis, including Crown Jewels Analysis, Threat-Informed Failure Scenarios, Adversary-driven Cyber Resilience (ACR), Tabletop Scenarios (TTXs)

• Familiarity with security frameworks, for example NIST Cybersecurity Framework (CSF), NERC Critical Infrastructure Protection (CIP), NIST Special Publication 800-53, ISO 27001, Collection Management Framework, NIST Risk Management Framework (RMF), etc.

• Current, or ability to obtain, a Top Secret or higher clearance

• Industry forum / association participation

• Industry or research experience in the rail sub-sector or the water sub-sector

This requisition requires the candidate to have a minimum of the following clearance(s):

None

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Top Secret

Salary compensation range and midpoint:

$168,500 - $210,500 - $252,500 Annual

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org .

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

Benefits information may be found here (https://careers.mitre.org/us/en/benefits)