Search jobs > Cambridge, MA > Information system security

Information System Security Officer 2

Draper Labs
Cambridge, MA, United States
Full-time

Overview :

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions.

From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation.

For more information about Draper, visit www.draper.com .

Job Description Summary :

The Information System Security Officer 2 (ISSO) supports the continuous monitoring and authorization efforts of multiple classified information systems under the direction of the Information System Security Manager (ISSM).

Performing a variety of technical, and non-technical Cyber Security functions. Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness.

In close coordination with the ISSM and ISO, the ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the SSP, managing and controlling changes to the system, and assessing the security impact of those changes.

Job Description :

Duties / Responsibilities

  • Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM.
  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.
  • Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
  • Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
  • Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
  • Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO / DAO prior to the change.
  • Formally notify the ISSM and AO / DAO when changes occur that might affect system authorization.
  • Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
  • Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
  • Conduct Audits and Continuous Monitoring (ConMon) activities using available technical and non-technical processes, reports Audit and ConMon findings, Execute incident response and attends and contributes to status meetings.
  • Manage configuration baselines of both hardware and software
  • Identify system architecture flaws using industry standard tools (e.g. STIG, SCAP, Nessus) that will be flowed to the ISSM for review.
  • Mentors and coaches ISSO 1.
  • Performs other duties as assigned.

Skills / Abilities

  • Fundamental understanding of common auditing techniques
  • Understanding of RMF (NIST SP 800-53, JSIG, DAAPM, ICD 503), IR, Vulnerability Management, SCAP, STIG, and Security-Relevant Tools.
  • Understands Information Technology basics.
  • Awareness of network type designations (e.g. WAN, LAN) and associated infrastructure (e.g. Servers, switches, firewalls).

Education

  • Requires a bachelor's degree in Information Technology or a related field.
  • Equivalent industry experience may be substituted.
  • Possesses an IAM I / IAT II Certification, or greater.

Experience :

  • 3-5 years year relevant industry experience is required,
  • Preferred experience with auditing systems using native language (PS / BASH), with tools and basic scripts / queries, and experience working with ISSMs to create and manage POA&Ms.

Additional Job Description :

Applicants selected for this position will be required to obtain and maintain a government security clearance.

Current in scope Top Secret security clearance is required.

Connect With Draper for Future Opportunities! If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.

Job Location - City :

Cambridge

Job Location - State :

Massachusetts

Job Location - Postal Code :

02139-3563

Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities.

If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com / careers .

Equal Employment Opportunity :

Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer.

We understand the value of diversity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities.

To request reasonable accommodation, please contact [email protected] .

30+ days ago
Related jobs
Promoted
Deloitte
Quincy, Massachusetts

The Information System Security Engineer (ISSE) will be responsible for creating and maintaining RMF artifacts and shall implement security controls, patch vulnerabilities on network devices, and resolve system security engineering concerns to ensure cyber compliance and readiness for a Government F...

Promoted
JCSI
Peabody, Massachusetts

Analogic, a leading innovator in aviation security technology, is seeking a highly skilled Cybersecurity Information Systems Security Engineer (ISSE) to join our team in Peabody, MA. CYBERSECURITY INFORMATION SYSTEMS SECURITY ENGINEER. This role requires 5-10 years of experience in cybersecurity, fo...

Promoted
Modern Technology Solutions, Inc.
Bedford, Massachusetts

The candidate will collect and process the captured information security requirements and ensures that the requirements are effectively integrated into information systems through purposeful security architecting, design, development, and configuration. The ISSE employs best practices when implement...

GDIT
Norwood, Massachusetts

The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. The ISSO is responsible for ensuring the appropriate operational se...

Global Resource Solutions
Lincoln, Massachusetts

GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Officer II. Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization packages . Perform...

GDIT
Boston, Massachusetts

The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required ...

Inter-Con Security Systems Inc
Boston, Massachusetts

As an Security Officer you are at the tip of the spear when it comes to the advanced security solutions we provide our clients every day. As an Unarmed Security Officer, you will be part of a highly trained security team that supports critical facilities and infrastructure, public venues that requir...

Global Resource Solutions
Lincoln, Massachusetts

GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Manager II. Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integrati...

JCSI
Peabody, Massachusetts

Analogic, a leading innovator in aviation security technology, is seeking a highly skilled Cybersecurity Information Systems Security Engineer (ISSE) to join our team in Peabody, MA. CYBERSECURITY INFORMATION SYSTEMS SECURITY ENGINEER . This role requires 5-10 years of experience in cybersecuri...

Global Resource Solutions
Lincoln, Massachusetts

GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Manager I. Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integratio...