Overview

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 1,800 employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.

Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.

Equal Employment Opportunity

Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer. We understand the value of diversity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.

Responsibilities

Responsibilities

Serves as an Information System Security Officer for classified information systems under the direction of the Information System Security Manager.

• Performs weekly technical, and non-technical audits of assigned information systems as well as periodic monitoring and of compliance with established standards.
• Review/confirm security configuration settings on information systems, which may include the following hardware/software or similar products: Windows 10Windows Server 2016/2019, Linux, Network appliances, firewalls, Trellix ePO.
• Ensures systems are configured in accordance with required standards.
• Trains and assists users of information systems to ensure security procedures are followed.
• Assists with the development and maintenance of cyber security policy and procedures.
• Monitor service request ticketing system and grant approval for valid account requests in accordance with the principles of NTK and Least Privilege
• Assist ISSM in evaluating all requests for the addition, change or modification to system architecture, hardware, software, or firmware and coordinate with the appropriate authorization authority prior to allowing alteration of configuration controlled baselines
• Serve as member of Configuration Approval Board to oversee requests for system modification or changes to the established baseline
• Maintain accurate and complete system inventories for all components within the approved ATO boundary and ensure authorized changes to the system inventory are properly documented and tracked
• Utilize a variety of security software tools to conduct vulnerability assessments, continuous monitoring scans, and those employed to maintain OS configurations
• Executes incident response actions.

Qualifications

Qualifications

2-5 years of experience in the areas of cybersecurity, compliance, or information technology

BS degree in a related field

May substitute additional experience for education

Working knowledge of the ICD 503, NIST 800-53, DAAPM/JSIG, and Risk Management Framework (RMF)

Must have or be able to obtain CompTIA Security , or equivalent certification within 6 months of hire in accordance with DoD Directive 8570.1 IAT Level II certification

Preferred Qualifications:

Experience working in a classified environment supporting DAAPM based requirements

Experience using Splunk or equivalent SIEM application

Experience with ACAS / Nessus Tenable

Experience conducting weekly audits on authorized systems

Security Requirement:

Active SECRET Clearance is required

TOP SECRET is highly preferred.

** Draper has implemented a mandatory COVID-19 vaccination requirement for all Draper employees. This will be a condition of employment to work at Draper.