The Critical Infrastructure Protection Department (L561) sits within MITRE's Cyber-Physical Systems Division. L561 delivers innovative solutions by bringing a multidisciplinary approach to sponsor challenges that are critical to national security and public sector missions. Our work involves researching, developing, and applying advanced technologies in protecting national critical infrastructure from non-kinetic threats and ensuring operational resiliency. Focus areas include:
- Infrastructure Susceptibility Analysis
- Safety Engineering
- Critical Infrastructure (CI) Threat Detection and Analytics
- CI Adversary Emulation
- Operational Technology (OT) Device Security
- Cross-Sector Interdependency analysis
- Civilian Critical Infrastructure Sector Specific Expertise
Roles & Responsibilities:- Apply cyber threat intelligence expertise to assist sponsors or private owner/operators in securing critical infrastructure and performing cyber operations.
- Guide government sponsors or private owner/operators in building and advancing their cyber threat intelligence capabilities and programs.
- Track and analyze adversary tactics, techniques, and procedures (TTPs) relevant to industrial control systems (ICS), Operational Technology (OT), and space system OT, impacting critical infrastructure and national security missions.
- Support cyber threat modeling, risk assessments, and mission impact analyses for critical infrastructure and space systems based on unclassified and classified sources.
- Fuse multiple intelligence sources to develop products and recommendations for sponsors to support mission assurance and risk-informed decision-making.
- Monitor and analyze emerging threats, vulnerabilities, and supply chain risks affecting ICS/OT and Space OT technologies.
- Serve as a subject matter expert (SME) in cyber threat intelligence with a focus on ICS/OT-relevant threats, working closely with OT engineers and domain experts.
- Brief sponsors and senior leaders on threat trends, risks, and mitigation strategies to enhance mission assurance.
- Produce and deliver artifacts and strategic briefings that synthesize classified and unclassified reporting into clear, decision-focused insights for senior leaders.
- Partner with sponsors to identify key intelligence gaps, prioritize collection, and provide feedback to collectors to improve coverage of priority threats.
- Contribute to thought leadership (e.g., white papers, best practice guides, methodologies) on threat-informed defense, cyber risk assessment, and CTI tradecraft for critical infrastructure.
Basic Qualifications:- Typically requires a minimum of 8 years of related experience with a bachelor's degree; or 6 years and a master's degree; or a PhD with 3 years' experience; or equivalent combination of related education and work experience.
- Degree in Electrical Engineering, Mechanical Engineering, Civil Engineering, Engineering Technology, Computer Science, Cybersecurity, or related technical field; equivalent utility, military, or industrial experience may be considered.
- Operational experience with electric power utilities.
- Experience with industrial control systems (ICS), Operational Technology (OT), SCADA, or other control systems used in critical infrastructure or space missions (through professional work, lab projects, or research).
- Ability to lead discussions, collaborate across different teams and organizations, and brief technical and non-technical stakeholders.
- Minimum 50% hybrid on-site work required at MITRE or government locations.
- Must have a TS clearance to be considered.
- Per the U.S. Government's eligibility requirements, you must be a U.S Citizen to be considered for a security clearance.
Preferred Qualifications: - Deep subject-matter expertise in SCADA network cyber security.
- Extensive experience securing, assessing, or operating SCADA, ICS, OT, or other control systems in electric utilities or other critical infrastructure environments.
- Expert knowledge of ICS/OT architectures, industrial protocols, and embedded/control system components (e.g., PLCs, DCS, SCADA, Modbus, DNP3, OPC).
- Familiarity with cyber threat intelligence, all-source intelligence, and adversary TTPs relevant to OT/ICS/embedded systems. Experience using frameworks such as ATT&CK to inform detection, defense, or risk analysis.
- Experience translating threat intelligence, vulnerability information, or adversary behavior into security controls, threat-informed defense, risk assessments, or mission assurance activities.
- Experience supporting government, utility, or other critical infrastructure cyber defense, analysis, or operational security efforts.
- Demonstrated track record leading analytic or technical efforts, communicating findings effectively to technical and non-technical stakeholders, delivering high-impact products, and building trusted relationships with demanding customers, leaders, or government sponsors.
- Excellent interpersonal skills, judgment, discretion, and tact.
- An advanced degree in Electrical Engineering, Mechanical Engineering, Civil Engineering, Engineering Technology, Computer Science, Cybersecurity, or related technical field is a plus.
- Active SCI Clearance.
This requisition requires the candidate to have a minimum of the following clearance(s):Top Secret
This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):Top Secret/SCI
Salary compensation range and midpoint:$158,800 - $198,500 - $238,200 Annual
Work Location Type:Hybrid
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
