Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us. Department Summary: The Risk Management & Analysis (RMA) Department, part of MITRE's Enterprise Risk Management (ERM) Division, focuses on identifying and mitigating threats to the company's critical resources. These threats, posed by foreign adversaries, malign actors, and emerging conditions, can impact MITRE's missions, relationships, contracts, and business pursuits within the U.S. government and global markets. The Strategic Program Protection (SP2) Group within RMA safeguards MITRE's most critical and sensitive work, ensuring the delivery of uncompromised solutions for the nation's most pressing challenges. Position Description: The Program Protection Lead within SP2 will apply a multidisciplinary approach to analyze criticality for MITRE operations and programs. This role involves assessing threats and vulnerabilities, characterizing risk for business leaders, and developing cost-effective countermeasures to reduce risk at corporate, program, and project levels. The Program Protection Lead will collaborate with diverse stakeholders across the company and the broader RMA team, including risk intelligence, insider threat, corporate security, and business leaders, to assess and mitigate threats to MITRE projects, staff, and information as an integrated element of MITRE's ERM program. The Program Protection Lead should possess advanced risk management skills and experience but also have strong technical knowledge of computer & systems engineering to best integrate with MITRE work programs and staff. Roles & Responsibilities: Strategic Advisory and Coordination: + Serve as a trusted advisor to the ERM management team and business leaders, ensuring alignment with organizational strategy and risk tolerance. + Coordinate with multidisciplinary stakeholders to assess and mitigate threats to MITRE projects, staff, systems, and information. Risk Assessment and Mitigation: + Lead efforts to analyze MITRE operations and programs for criticality, assessing threats and vulnerabilities. + Develop and implement cost-effective countermeasures to reduce risk at corporate, program, and project levels. + Prepare and deliver tailored travel awareness briefings to promote a culture of proactive threat detection and prevention. Program Protection and Security Planning: + Develop and execute comprehensive CI, operations security (OPSEC), and program protection plans for staff, sites/locations, and work programs. + Ensure plans are agile, responsive, and cost-effective for both Sponsor and MITRE-funded initiatives. + Integrate program protection activities into MITRE's broader ERM program. Technical Expertise and Innovation: + Design and deploy actionable risk management solutions to address complex and nuanced threats identified through investigations and threat detection initiatives. + Apply and manage risk mitigations while leveraging deep technical knowledge in areas such as cyber security, counterintelligence operations, risk management, program protection planning, or industrial security. Compliance and Security Standards: + Apply knowledge of the NISPOM to effectively integrate risk management activities into MITRE's classified work program. Basic Qualifications: + Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years with a Master's degree; or equivalent combination of related education and work experience. + Multidisciplinary background with deep technical knowledge and experience in at least two of the following areas: risk management, program protection planning, cyber security/systems engineering, industrial security, or intelligence analysis/counterintelligence: + Risk Management: Applying risk management principles at project, program, or enterprise levels. + Program Protection Planning: Assessing and mitigating security risks across project lifecycles. + Cyber Security/Systems Engineering: Demonstrate expertise in cybersecurity and security-focused systems engineering, including threat modeling, risk assessment, incident response, secure system design, integration of security controls, vulnerability management, adherence to cybersecurity frameworks and standards (e.g., NIST, ISO 27001), and lifecycle management for complex systems. + Industrial Security: Applying knowledge of the National Industrial Security Program Operating Manual (NISPOM) and managing Controlled Unclassified Information (CUI). + Intelligence/Counterintelligence: Conducting data and intelligence research, develop analytical reports, and deliver briefings and/or utilizing investigative or analytical tradecraft to counter Foreign Intelligence Entities. + Ability to communicate complex issues clearly in a concise and organized manner both verbally and in writing. + Demonstrated experience leveraging technical tools and software to optimize information system security and effectiveness. + Intellectually curious with excellent problem-solving skills and an ability to dissect issues quickly to characterize emerging concerns, especially in a cross-functional and matrixed environment. + Excellent strategic relationship-building skills. + Working knowledge of the NISPOM. + Active Top-Secret Clearance with the eligibility for TS/SCI clearance. + This position requires a minimum of 50% hybrid on-site. Preferred Qualifications: + Advanced degree in Security Management, Business Administration, or a related field. + Certification in Cyber Security, Pen-Testing, or similar (CompTIA Security+, Certified Ethical Hacker, ISC2 CISSP, etc...). + Experience working within an FFRDC, UARC, or similar R&D environment. + Multi-disciplinary background with deep technical knowledge and experience in at least three of the following: intelligence/counterintelligence operations, risk management, program protection planning, supply chain risk mitigation, OPSEC program management, systems engineering, or industrial security. + Demonstrated knowledge of research security programs as required under National Security Presidential Memorandum 33 (NSPM-33), including understanding policies and practices to protect research integrity and mitigate risks associated with foreign influence and interference. + Active Top Secret clearance. This requisition requires the candidate to have a minimum of the following clearance(s): Secret This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): Top Secret/SCI Work Location Type: Hybrid Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law. For further information please visit the Equal Employment Opportunity Commission website Know Your Rights Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf) . MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email recruitinghelp@mitre.org for general support and collegerecruiting@mitre.org for intern positions. This service is for individuals requiring reasonable accommodation requests. Please note that vendor solicitations will not receive a reply. Benefits information may be found here (https://careers.mitre.org/us/en/benefits) . Copyright © 1997-2025, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.