MITRE Corporation - Bedford, MA
posted 6 months ago
About the position
At MITRE, we are dedicated to addressing our nation's most pressing challenges while ensuring the long-term well-being of our employees. As a not-for-profit corporation, we operate without commercial conflicts, focusing solely on the public interest. Our R&D centers work on impactful projects across various fields, including cybersecurity, healthcare, aviation, defense, and enterprise transformation. We strive to create a safer, healthier, and more secure nation and world through our innovative work. The MITRE InfoSec organization is responsible for the unclassified information security program, encompassing both operational and service functions. This role is part of our Operations team within the Defensive Innovation Group, which is tasked with preventing, detecting, and responding to cyber adversaries. The group is focused on developing new methods and capabilities to enhance MITRE's defenses against advanced cyber threats. We are seeking motivated individuals who are passionate about advancing cybersecurity and making a difference in this critical field. In this position, you will be responsible for developing new capabilities to improve MITRE InfoSec's ability to prevent, detect, and respond to cyber threats. You will leverage machine learning to identify novel attacks and utilize automation platforms to enhance detection and accelerate response times. Additionally, you will develop analytics from various data sources, including cloud, server, endpoint, and network data, to detect signs of intrusion and automate daily tasks to improve the efficiency and effectiveness of our Security Operations Center (SOC).
Responsibilities
- Develop new capabilities to enhance MITRE InfoSec's ability to prevent, detect, and respond to cyber threats.
- Leverage machine learning to detect new and novel attacks.
- Use automation platforms to enhance detection and accelerate response to cyber threats.
- Develop analytics from cloud, server, endpoint, and network data to detect signs of intrusion.
- Automate daily tasks to improve SOC's efficiency and effectiveness.
Requirements
- Bachelor of Science (or equivalent experience) in Cybersecurity, Software Engineering, Computer Science, Computer Engineering, or related engineering disciplines and 5 years of related experience in defensive cybersecurity operations, cyber incident response, analytic development, capability development, or software engineering.
- Proficiency in Python or comparable modern language.
- Ability to obtain and maintain a DoD Secret clearance.
Nice-to-haves
- Master of Science (or equivalent experience) in Cybersecurity, Software Engineering, Computer Science, Computer Engineering, or related engineering disciplines and 4+ years of related experience in defensive cybersecurity operations, cyber incident response, analytic development, capability development, or software engineering.
- Active Secret clearance.
- Machine Learning/Artificial Intelligence experience.
- Use of ML/AI tools or libraries, e.g. PyTorch, Pandas, Scikit-learn, TensorFlow, or Splunk MLTK.
- Development of ML-based detections or analytics.
- Cloud Development experience with Amazon Web Services, Azure, M365.
- Interfacing with cloud services via API.
- Deploying capabilities on IaaS, PaaS, or SaaS platforms.
- Experience building cloud cybersecurity analytics or response capabilities.
- Experience with Security, Orchestration, Automation and Response (SOAR) tools.
- Experience developing on Splunk platform.
Benefits
- Competitive benefits
- Exceptional professional development opportunities
- Culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth
