Cyber Security, Senior

Full Time
Bedford, Massachusetts
report a problem

Working at MITRE
Use your skills and passion to build a career that makes you proud. 
The MITRE InfoSec Policy & Compliance team seeks a passionate, conscientious, and customer-focused individual to help drive the creation, implementation, and operations of our standards based compliance program that blends the need for compliance with a threat-based defense. Take the lead in working with key MITRE stakeholders across the Corporation to communicate compliance requirements and to understand their environments and security controls. Perform risk assessments on control gaps and be an opinion leader on maturing our compliance and policy program. The P&C team is comprised of dedicated individuals committed to continuously improving MITRE’s security posture and supporting our internal customers in successfully executing MITRE’s multiple sponsor missions.

Key Functions   
  • Help drive the creation, implementation, and operation of a standards based compliance program that blends the need for compliance with a threat-based defense
  • Work with key stakeholders (CI&T, labs) to communicate compliance requirements and help them document how they are meeting the required security controls
  • Review stakeholder responses to control procedures and determine gaps/issues 
  • Assess risks posed by proposed policy exceptions
  • Interpret policy for business use cases
  • Develop and maintain InfoSec policies, standards, and procedures, working with key stakeholders to ensure business needs are considered
Location               MA,VA: Bedford or McLean

Required Skills: 
  • Knowledge of InfoSec policy frameworks
  • Broad understanding of InfoSec best practices across all security domains
  • Technical knowledge of networks, operating systems, and/or applications
  • Strong writing & communication skills, with attention to details
Preferred Qualifications
  • Knowledge of security standards (e.g., NIST 800-53, NIST 800-171)
  • Knowledge of IT provided services and systems
  • Hands-on experience with the RSA Archer eGRC tool
  • Experience conducting policy compliance audits
  • Familiarity with advanced cyber adversary tactics, techniques, and procedures
Minimum Education/ Experience              BS and 3 years related experience.
Travel Statement             *This position will require overnight travel up to 10 % of the time as well as some local travel.
Clearance            Secret
Clearance Statement     
Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information or applicants who are eligible for security clearances.

Relocation Assistance Provided   No
Career Level                                           Experienced
Professional Area                               Cyber Security
Req ID                                                        29342BR

Share this job:


It's about helping our nation move forward.
The MITRE Corporation is a not-for-profit organization that operates research and development centers sponsored by the federal government. Our centers support our sponsors with scientific research and analysis, development and acquisition, and systems engineering and integration. We also have an independent research program that explores new and expanded uses of technologies to meet our sponsors’ needs. Our principal locations are in Bedford, Mass., and McLean, Va. To learn more, visit

System Engineering, Information Technology, Health IT, Cybersecurity
Visit MITRE Corp.'s Social Media pages:
Company Industry: Information Technology and Services
Company Type: Non Profit
Company Size: 5,001-10,000