MPR Associates, Inc. (MPR), a thriving multi-discipline, specialty engineering services and consulting firm, is actively seeking a capable and motivated Information Security Manager to join our IT team. If you are seeking a unique, challenging, and rewarding career opportunity, MPR may be the right company for you.

Founded in 1964, MPR has a wide and growing client base in the fields of power and energy, federal services, and health and life sciences, in the United States as well as internationally. Headquartered in Alexandria, Virginia, we also have offices in East Lyme, Connecticut, and Burlington, Massachusetts. MPR makes challenging projects successful, delivering safe and reliable technical solutions across the entire project or product life-cycle to benefit our clients and society as a whole. We hire the best and brightest, which results in a high-performance culture built on trust and respect, making MPR an exceptional place to work.

General Job Description

The Information Security Manager contributes to maintaining a secure operating environment and growing our security capabilities. In this role, the Information Security Manager will support building cybersecurity resilience in our network and information infrastructure, navigating evolving regulatory and IT environments to ensure the protection of critical systems through strategic cybersecurity policy development. They will also lead a team of Cybersecurity Analysts and Network Engineers as well as support MPR’s clients in an IT consulting capacity as opportunities arise. This is a full-time, exempt position in MPR’s Alexandria, VA office reporting to the Director of Information Technology.

• Develop and implement policies and procedures to ensure adherence to security standards that are aligned with business objectives.
• Ensure that our information security assets, policies, and processes are reliable, available, provide confidentiality, and are generally safe from unauthorized use and intrusion.
• Provide day-to-day security support around the infrastructure and procedures used to protect and secure Controlled Unclassified Information (CUI), including MPR’s related computer systems, data, and network.
• Perform risk analysis on threats, security alerts, and other suspicious system or network activity.
• Lead incident response efforts, including investigation, containment, and recovery.
• Identify and analyze existing processes and procedures to meet new IT Security goals and objectives.
• Evaluate security incidents to determine impact & escalate appropriately.
• Monitor, aggregate, label, and manage artifacts related to the Security Program assessment and external audits.
• Develop, document, and assist with implementing NIST/CMMC framework standards, procedures, processes, and guidelines.
• Plan and monitor security measures for the protection of computer systems, networks, and information, including the use of Security Information and Event Management (SIEM) products.
• Develop and deliver security training and awareness programs for employees at all levels of the organization.
• Support MPR’s Change & Configuration Control through actions such as documenting change requests and participating in regular CC meetings.
• Prepare and present reports to senior management and stakeholders on information security performance and risks.
• Manage a team of cybersecurity analysts and network engineers, providing leadership, mentoring, performance evaluations and career growth.
• Collaborate with legal and compliance teams to ensure the organization's compliance with relevant laws and regulations.

• U.S. Citizenship required.
• Must be able to obtain/maintain US DOD Security Clearance.

Education

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Cisco Certified Network Professional (Security-focus) (CCNP Security).
• Security+, CISM, or CISSP certifications a plus.

Experience

• Ten (10) or more years working in IT security operations, including a minimum of five (5) years as an Information Security Manager / managing operational teams.
• Experience in recommending and implementing policies and procedures to ensure adherence to security standards, including the requirements of NIST SP 800-171, NIST SP 800-53, and CMMC.
• Experience performing security audits with and without specialized SIEM tools (e.g., Splunk, Microsoft Sentinel, ManageEngine Log360) in the following environments: Microsoft GCC High, Microsoft 365, Azure AD, and Virtual Desktop.

Skills

• Ability to interpret technical vulnerability findings and work to develop and implement remediation plans.
• The ability to learn quickly and adapt to new technologies while multitasking.
• Excellent communication skills, both written and oral.
• Ability to work collaboratively across functional teams.
• Ability to work in a dynamic and fast-paced environment.
• Strong time management and customer service skills.
• Persistent, questioning attitude and ability to accept that in others.
• Motivated to expand skills and knowledge, as well as tackle new problems and take on new responsibilities.
• Ability to plan, organize, and manage tasks on time with minimal supervision.

MPR Associates, Inc. is an equal opportunity and affirmative action employer, who participates in E-Verify. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, religion, age, disability, veteran’s status, sexual orientation, gender identity, genetic information or any other classification as required by applicable laws.  MPR is a certified Virginia Values Veterans (V3) employer.