Draper · 13 hours ago
Information System Security Officer 2
Cambridge, MA
Full-time
Onsite
Mid Level
$82K/yr - $206K/yr
3+ years expDraper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The Information System Security Officer 2 (ISSO) supports the continuous monitoring and authorization efforts of multiple classified information systems, performing a variety of technical and non-technical Cyber Security functions.
Defense & Space
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package
Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS
Conduct periodic reviews of information systems to ensure compliance with the security authorization package
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change
Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
Ensure all IS security-related documentation is current and accessible to properly authorized individuals
Conduct Audits and Continuous Monitoring (ConMon) activities using available technical and non-technical processes, reports Audit and ConMon findings, Execute incident response and attends and contributes to status meetings
Manage configuration baselines of both hardware and software
Identify system architecture flaws using industry standard tools (e.g. STIG, SCAP, Nessus) that will be flowed to the ISSM for review
Mentors and coaches ISSO 1
Performs other duties as assigned
Qualification
Required
Requires a bachelor's degree in Information Technology or a related field
Equivalent industry experience may be substituted
Possesses an IAM I/IAT II Certification, or greater
3-5 years year relevant industry experience is required
Current in scope Secret security clearance is required with the ability to obtain Top Secret clearance required
Fundamental understanding of common auditing techniques
Understanding of RMF (NIST SP 800-53, JSIG, DAAPM, ICD 503), IR, Vulnerability Management, SCAP, STIG, and Security-Relevant Tools
Understands Information Technology basics
Awareness of network type designations (e.g. WAN, LAN) and associated infrastructure (e.g. Servers, switches, firewalls)
Preferred
Preferred experience with auditing systems using native language (PS/BASH), with tools and basic scripts / queries, and experience working with ISSMs to create and manage POA&Ms
Benefits
Workplace flexibility
Employee clubs ranging from photography to yoga
Health and finance workshops
Off site social events
Discounts to local museums and cultural activities
Company
Draper
We Engineer Solutions for the Nation’s Toughest Problems As an independent nonprofit engineering innovation company, Draper provides engineering services directly to government, industry, and academia.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Jerry Wohletz
President and Chief Executive Officer
Brenan McCarragher
Chief Technology Officer
Recent News
Business Journals
2024-03-28
2024-02-28
Company data provided by crunchbase