company-img2

Information System Security Officer

  • 0 yrs
  • $ Not Disclosed / YEAR

Similar Jobs from Partners


Job Description

Overview


Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 1,800 employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.


 


Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.


 


 


Equal Employment Opportunity


Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer.   We understand the value of diversity and its impact on a high-performance culture.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.   


 


Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.


Responsibilities


Serves as an Information System Security Officer for classified information systems under the direction of the Information System Security Manager. • Performs weekly technical, and non-technical audits of assigned information systems as well as periodic monitoring and of compliance with established standards.


• Experience reviewing security configuration settings of information systems including VMware ESXi, Windows 10Windows Server 2016/2019, Linux, RHEL 7/8, Cisco, Palo Alto, Trellix ePO, Microsoft SQL, Veeam and other backup solutions• Trains and assists users of information systems to ensure security procedures are followed.• Assists with the development and maintenance of cyber security policy and procedures.• Monitor service request ticketing system and grant approval for valid account requests in accordance with the principles of NTK and Least Privilege• Assist ISSM in evaluating all requests for the addition, change or modification to system architecture, hardware, software, or firmware and coordinate with the appropriate authorization authority prior to allowing alteration of configuration controlled baselines• Serve as member of Configuration Approval Board to oversee requests for system modification or changes to the established baseline• Maintain accurate and complete system inventories for all components within the approved ATO boundary and ensure authorized changes to the system inventory are properly documented and tracked• Utilize a variety of security software tools to conduct vulnerability assessments, continuous monitoring scans, and those employed to maintain OS configurations


Qualifications


 


Required Qualifications:     



  • 2-5 years of experience in the areas of cybersecurity, compliance, or information technology BS degree in a related field (May substitute additional experience for education)

  • Knowledge of working with the ICD 503, NIST 800-53, JSIG, and/or Risk Management Framework (RMF)


 


Preferred Qualifications:  



  • Experience working in a classified environment supporting DAAPM based requirements

  • Existing CompTIA Security+ certification, or equivalent DOD 8570.01-M IAM level II certification

  • Experience using Splunk or equivelent SIEM application

  • Experience with ACAS or Tenable Nesus

  • Experience conducting weekly audits  authorized systems


Security Requirement:   



  • Applicants selected for this position will be required to obtain a Top Secret security clearance is required.


** Draper has implemented a mandatory COVID-19 vaccination requirement for all Draper employees. This will be a condition of employment to work at Draper.