Information Systems Security Manager

Information Systems Security Manager

Date: Dec 13, 2025
Location: Lexington, MA, US
Company: MIT Lincoln Laboratory

The Security Services Department’s overall mission is to identify and counter security threats to the MIT Lincoln Laboratory’s mission of developing game‑changing technology in support of National Security, including guarding against compromise by foreign intelligence agencies and insider threats. To accomplish this mission, the department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage;

and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.

We foster a culture where security professionals are empowered to solve complex security problems in close collaboration with Laboratory research teams and Government counterparts. Our people are our most important resource, and we encourage a casual and flexible opportunity‑filled working environment that is technology‑focused. Where mission needs can be met, the Security Services Department encourages flexible schedules and hybrid remote work arrangements.

MIT Lincoln Laboratory is a Federally Funded Research and Development Center (FFRDC) whose mission is research in support of National Security.

• Mission – The SSD’s overall mission is to identify and counter cybersecurity threats to the Laboratory’s mission of developing game‑changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats.
• Culture – We foster an inclusive, opportunity‑filled environment of empowered team members from diverse backgrounds.

As a SP Cybersecurity ISSM, you will provide expert management of all information security support to several independent Laboratory programs. You will serve as the primary focal point for all cybersecurity matters and have an in‑depth knowledge of computer security principles, practices, and procedures in order to execute a comprehensive Information Security program to meet both internal and external requirements.

• Lead and provide direct supervision to assigned Information Systems Security Officers (ISSO).
• Ensure work is prioritized consistently with work group and organization goals and objectives.
• Develop and maintain multiple System Security Plans (SSP) based on the Joint SAP implementation Guide (JSIG); ensuring systems are operated, maintained, and disposed of according to the approved SSP.
• Conduct security compliance audits and perform security vulnerability assessments on Laboratory information systems.
• Establish and maintain configuration management policies and procedures.
• Ensure users and ISSOs are subject to an effective information security education, training, and awareness program.
• Implement and test IT security policies/procedures as part of a fully integrated IT security program.
• Coordinate and participate in the investigation and mitigation of information system incidents.
• Assume ISSO responsibilities in the absence of the ISSO and respond to off‑hour emergencies as needed.
• Recommend and manage budget and other resource allocations required to securely operate and maintain an organization’s cybersecurity requirements.
• Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stakeholders.
• Recognize a possible security violation and take appropriate action to report the incident, as required.
• Assist the Program Managers in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
• Lead and align information technology (IT) security priorities with the security strategy.
• Prepare for and participate in periodic organization compliance assessments.
• Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of…