Principal Cybersecurity Assessment Engineer

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us.

Department Summary:

The Cyber Solutions Innovation Center creates solutions using threat-informed cybersecurity approaches to enhance the security, safety, and resiliency of critical cyber systems and infrastructure.

The Cyber Assessments and Security Automation department serves as MITRE's resource for cyber risk evaluation and security innovation. Our team is dedicated to advancing the field of cybersecurity by combining deep expertise in risk assessment with cutting-edge automation technologies. This dual focus enables us to address the evolving needs of our sponsors, ensuring scalable and effective cybersecurity solutions that meet today's challenges and anticipate tomorrow's threats.

Our work is defined by innovation, exemplified through initiatives like SAF, ECHO, and ACT, which demonstrate our commitment to developing transformative tools and methodologies. By leveraging automation, we empower organizations to enhance their security posture efficiently and effectively, positioning them to stay ahead in an increasingly complex cyber landscape.

The Cyber Assessments and Security Automation department reflects MITRE's leadership in cybersecurity, making our value clear to sponsors and internal stakeholders alike. We don't just assess risks; we innovate solutions that drive the future of cybersecurity.

The Cyber Assessments and Security Automation department within the Cyber Solutions Innovation Center is seeking a Principal level Cybersecurity Assessment Engineer to lead the department's contributions across our portfolios. The department supports all of MITRE by providing a variety of cyber assessment products plus overall cyber engineering skills. The Principal Cybersecurity Assessment Engineer position will be a core member of the department and government technical team and serve as the first-line support for various sponsors. The position requires direct contributions to our diverse work programs.

Roles & Responsibilities:

• Expertise conducting cybersecurity assessments and workshops for government agencies and international partners.
• Lead Security Incident Response: Oversee the analysis and resolution of complex security incidents across multiple networks, and in geographically distributed environments.
• Develop and implement security strategies, and provide mentorship to junior assessors.
• International engagement: Work with foreign political and military leadership, understanding cultural norms with the goal of developing effective relationships.
• Threat Hunting & Detection: Proactively identify hidden threats within enterprise networks using advanced tools and methodologies. Develop, write, and refine detection rules for SIEM systems to enhance threat identification and response capabilities.
• Cybersecurity Risk Management: Expert knowledge of cybersecurity risk management frameworks and methodologies, including Adaptive Capabilities Testing (ACT).
• Vulnerability Assessment & Penetration Testing: Conduct vulnerability assessments, penetration testing, and ethical hacking of applications and systems to identify and remediate security weaknesses.
• Security Controls Assessment: Conduct Security Controls Assessments (SCA), workshops, and audits for internal teams and partner organizations.
• Security Tools Utilization: Utilize a variety of security tools-including Burp Suite, Nessus, Splunk, QRadar, WireShark, eMASS, and others-to support security operations and assessments.

Basic Qualifications:

• Typically requires a minimum of 10 years of related experience with a Bachelor's degree; or 8 years and a Master's degree; or a PhD with 5 years' experience; or equivalent combination of related education and work experience.
• Active Top Secret Security Clearance.
• Experience with RMF, NIST SP-800 series, and Security Controls Assessment (SCA).
• Experience in software engineering and systems engineering, including requirements analysis and technical writing.
• Familiarity with Windows, Linux, macOS/Open BSD, and VxWorks/Tornado operating systems.
• Proficiency in programming languages including Java, C#, C++, Python, Perl, Visual Basic, ASP.NET, PHP, COBOL.
• Certifications: CISSP, Certified Ethical Hacker (CEH), Network+, AWS Certified Cloud Practitioner.
• This position requires a minimum of 50% hybrid on-site.

Preferred Qualifications:

• Experience leading and mentoring teams in cybersecurity operations.
• Demonstrated success in developing and implementing cybersecurity risk management frameworks and methodologies.
• Experience with cyber resiliency tabletop exercises and control audits.
• Advanced skills in technical writing, policy development, and process improvement for cybersecurity programs.
• Experience with radar systems, electronic warfare, and campaign-level defensive simulations.
• Experience with project management tools (Microsoft Project, JIRA).

This requisition requires the candidate to have a minimum of the following clearance(s):
Top Secret

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):
Top Secret

Salary compensation range and midpoint:
$172,500 - $215,500 - $258,500 Annual

Work Location Type:
Hybrid

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email recruitinghelp@mitre.org for general support and collegerecruiting@mitre.org for intern positions. This service is for individuals requiring reasonable accommodation requests. Please note that vendor solicitations will not receive a reply.

Benefits information may be found here .

Copyright © 1997-2025, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.