Information Systems Security Analyst

Overview:

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.

Job Description Summary:

The Senior Information Systems Security Analyst supports the day-to-day activities of users, perform system maintenance, and upkeep of Information Technology. As well as provide the development, documentation, and deployment of IT Infrastructure and Operation. Responsible for vulnerability management, network defense, cybersecurity auditing, and driving procedure development and implementation. Direct the security configuration and management of multiple collateral classified and unclassified systems and networks in a variety of traditional and virtual environments including VMware, Redhat Linux, CentOS, Cisco, Palo Alto, and Windows. Ensure systems are operated, maintained, and disposed of in accordance with the organization’s security policies and procedures. Train and mentor junior level security staff in continuous monitoring practices

Job Description:

Duties/Responsibilities
• Develop processes to collect, analyze, and present cybersecurity metrics for senior management and relevant stakeholders.
• Define and create processes to conduct network, system, and application vulnerability scanning, remediation, and patch management.
• Responsible for implementing access control, resetting passwords, account creation, and general administration.
• Responsible for day to day support and maintenance of IT infrastructure systems (e.g. servers, workstations, switches, routers, firewalls, intrusion prevention systems, encryption devices).
• Maintain and update documentation, including standard operating procedures, network drawings, and configuration documentation.
• Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure security compliance is implemented and all necessary systems are functional.
• Provide resolutions to an assortment of customer defined problems of moderately complex scope. Ask appropriate questions and use knowledge and resources to diagnose and resolve basic technical issues.
• Troubleshoots and solves problems without violating the security architecture requirements of the systems they are assigned.
• Provides system troubleshooting, vendor coordination, software patching, system deployment, license management, hardware and software management, and lifecycle management.
• Work closely with the Information Assurance group to ensure system accreditation process is followed including maintenance of standard operating procedures, network drawings and configuration documentation.
• Provides guidance to and may oversee the activities more junior team members.
• Performs other duties as assigned.

Skills/Abilities
• Ability to design and implement full stack cybersecurity solutions.
• Ability to secure multiple operating systems such as Windows, Linux and virtualization technologies.
• Ability to secure networks and systems utilizing DISA STIGs and/or SRGs.
• Knowledgeable in computer security principles and policies, including Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense.
• Security Service (DSS) Assessment and Authorization Manual (DAAPM).
• Knowledge of the configuration of common operating systems such as Windows, Linux, and Cisco IOS.
• Knowledge of DCSA Enterprise Mission Assurance Support Service (eMASS).

Education
• Bachelor of Science in Information Technology or a related field is required.
• Security+ certification or higher level cert or be able to obtain one within 6 months of hire

Experience
5-7 years of IT security experience in DoD Industrial Security.

Additional Job Description:

Applicants selected for this position will be required to obtain and maintain a government security clearance .

Top secret clearance required with sci eligibility.

Connect With Draper for Future Opportunities! If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.

Job Location - City:

Cambridge

Job Location - State:

Massachusetts

Job Location - Postal Code:

02139-3563

Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.

Draper is committed to creating an inclusive environment. We understand the value of inclusivity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, national origin, veteran status, or genetic information. Draper is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.