Cyber Defense Specialist

Come and help defend the nation in cyberspace! In the Cyber Operations & Analysis Technology Group at MIT Lincoln Laboratory, we research challenging technical problems in cyber security, develop new technologies, and prototype first-of-a-kind systems. We have particular focus on enabling human operators and improving operational systems, orienting our work toward strong practical impact.

We work across a variety of cutting-edge national-security applications:

• Quantifying risk posed by adversary cyber threats to key national security missions
• Enhancing the cyber security and resilience of critical infrastructure and other operational technology
• Protecting and defending U.S. weapon systems in cyber contested environments
• Helping the nation’s cyber operators do their jobs better, faster, and at greater scale
• Creating game-changing capabilities for defensive cyberspace operations

As an interdisciplinary group, we innovate by drawing insights from computer science, software engineering, data engineering, data science, artificial intelligence/machine learning, electrical engineering, mathematics, statistics, physics, and allied technical fields. We collaborate with research partners across MIT, offering frequent opportunities to team and learn in new areas. If you want a career in R&D with the opportunity to have real impact on important problems, join us!

We are seeking an experienced Defensive Cyber Operations Subject Matter Expert to join our team at MIT Lincoln Laboratory as a Cyber Defense Specialist in a technical role. The successful candidate will have a strong background and experience in planning, conducting, and assessing defensive cyber operations, as well as experience utilizing defensive tools for cyber hunting, threat analysis, and cyber incident response.

• Contribute to technical R&D efforts identifying technical gaps and developing solutions to meet operational needs
• Work closely with operational stakeholders to identify technical needs and challenges
• Provide expert-level guidance on defensive cyber operations to both technical researchers and government stakeholders
• Stay informed of emerging cyber threats and technologies, including advanced persistent threats, zero-day exploits, and nation-state sponsored attacks
• Develop and maintain expertise in emerging technologies and techniques relevant for cyber defense, including artificial intelligence, machine learning, and cloud security
• Represent MIT Lincoln Laboratory in interactions with government agencies, industry partners, and other stakeholders on matters related to defensive cyber operations

• Bachelor's degree in Computer Science, Cybersecurity, or a related field (Master’s degree preferred)
• Minimum 8 years of experience in defensive cyber operations, including experience in planning, conducting, and assessing defensive operations as an element of the Cyber Mission Force
• Experience utilizing defensive tools such as Splunk, ELK, Arc Sight, or similar platforms for cyber hunting, threat analysis, and incident response (experience with GOTS tools is a plus)
• Strong understanding of network protocols, operating systems, and cybersecurity principles
• Excellent analytical and problem-solving skills, with the ability to think critically and outside the box
• Excellent written and oral communication skills, including technical communication for non-technical audiences
• Ability to work both independently and collaboratively on difficult, open-ended problems in cyber security and operations with interdisciplinary technical teams.
• Motivation to identify underlying technical problems and investigate solutions proactively

• Experience working in a research environment, with a focus on developing and applying new technologies and techniques to solve complex problems
• Experience with programming languages such as Python, C/C++, Rust, and/or Java
• Familiarity with cloud computing platforms and cybersecurity solutions (e.g., AWS, Azure, Google Cloud)

• Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a…