Date

My employer, MIT Lincoln Laboratory, is looking to hire at least a half-dozen computer security researchers in the near future. Do you know any computer-security experts? Do you have any students looking for jobs? Do you have any interest in using your skills to solve critical national-security problems?

MIT Lincoln Laboratory is a Federally-Funded Research and Development Center administered by MIT, meaning that we're an MIT research lab that works exclusively for the US government (mostly the Department of Defense). From our official description:

As a Department of Defense Research and Development Laboratory, MIT Lincoln Laboratory conducts research and development aimed at solutions to problems critical to national security.

Research at the Laboratory includes projects in air and missile defense, surveillance technology, biological-chemical defense, and communications and information technology. The Laboratory takes projects from the initial concept stage, through simulation and analysis, to design and prototyping, and finally to field demonstration.

Two of the Laboratory’s principal technical objectives are (1) the development of components and systems for experiments, engineering measurements, and tests under field operating conditions and (2) the dissemination of information to the government, academia, and industry.

My group, the Information Systems Technology Group, currently pursues the following (security) research areas:

  • secure cyberspace

  • detect and interpret attacks against large-scale network infrastructures

  • evaluate the use of our and others' tools in many different environments

  • perform static and dynamic analysis of software to discover vulnerabilities

  • analyze and model computer networks attacks and potential propagation vectors

  • correlate and prioritize alerts from network security devices

  • design and develop practical cryptographic protocols and approaches

The linked page, above, contains contact information and directions on how to search our database of job postings. That last bit seems worth repeating, though:

To apply for a position, visit Employment Opportunities and select 06-62 Information Systems Technology in the Group drop-down box.

And to whet your appetite, here are some of the half-dozen security-focused job-descriptions you will find there:

The selected candidate will work with an outstanding team to conduct research and development in the areas of secure communications and storage, applied cryptography, and their applications. Tasks include special-purpose network protocol design and implementation, or tamper- resistant system protocol design, development and testing.

The selected candidate will work with a team to design and develop tools that generate and use attack graphs to measure and improve the security of enterprise networks. Tasks could include (1) Analyze router configuration files and outputs of network vulnerability scanners to extract important information, (2) Enhance algorithms that compute host-to-host reachability and attack graphs, (3) Develop algorithms that analyze attack graphs to compute security metrics and make recommendations to improve security, (4) Generate graphical displays of networks and attack graphs, (5) Enhance and extend an existing interactive graphical user interface, and (6) Analyze new tools that characterize security on individual hosts or network devices and incorporate information generated from these tools into our current analysis tool. We're looking for bright and creative people who can work on a team, learn quickly, and have strong written and verbal communication skills. They should have the ability and desire to span the range from coding to higher-level research, analysis, and design.

Will work with a team to conduct research and development in the areas of testbed development and program evaluation of computer network defenses, computer network exploitation, and computer network attack tools and systems. Will work on developing models of user and network behavior as well as metrics to enable quantitative testing in realistic environments.

There's more where those came from, so go take a look. I will note, however, that the Lab requires that all employees

  1. be a citizen of the United States, and
  2. be able to acquire a security clearance (at least SECRET, but higher is also good).

If you have any questions, please feel free to contact me. (Except if you have questions about your ability to get a clearance. In that case, please don't contact me, contact our Personnel Security Service Center instead.)

(Update: Fixed broken links.)