We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Draper Labs jobs

ISSO

Draper Labs
United States, Massachusetts, Cambridge
555 Technology Square (Show on map)
Jan 25, 2025

Overview:

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.

Job Description Summary:

The Supervisor 1 for the Information System Security Officers (ISSOs) leads the continuous monitoring and authorization efforts at direction of the Information System Security Manager (ISSM). Performs Audits and reports findings, assist in the mitigation of system architecture, trains, coaches, and mentors ISSOs. Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness. In close coordination with the ISSM and ISO, the ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the SSP, managing and controlling changes to the system, and assessing the security impact of those changes.

Job Description:

Duties/Responsibilities

* Leads, trains, coaches, and mentors a team of ISSOs.

* Conduct Audits and Continuous Monitoring (ConMon) activities using available technical and non-technical processes.
* Reports Audit and ConMon findings.
* Leads/Triages incident response.

* Manage configuration baselines of both hardware and software
* Identify and assist in the mitigation of system architecture flaws using industry standard tools (e.g. STIG, SCAP, Nessus) and processes (e.g. CCB).
* Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
* Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization.
* Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
* Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
* Identify system architecture flaws using industry standard tools (e.g. STIG, SCAP, Nessus) that will be flowed to the ISSM for review.
* Develops tactics, techniques, and procedures.
* Leads meetings on technical subjects, projects and develops tools.
* Lead SME for incident response.
* Subject matter expert using Splunk or (equivalent industry SIEM tool), vulnerability scanners, and configuration tools
* Performs other duties as assigned.

Skills/Abilities
* Ability to audit systems using native language (PS/BASH)
* Knowledge of Incident response, and Vulnerability scanning tools (e.g. Nessus/Tenable, Nmap).
* Knowledge of common SIEM tools such as SPLUNK.
* Knowledge of configuration management tools such as SCAP, STIG viewer.
* Strong background with RMF and associated DAAPM or JSIG process.
* Experience with the system development lifecycle (e.g. change control).
* Ability to write detailed reports to the ISSM or leadership regarding security incidents as necessary.
* Experience working with ISSMs to create and manage POA&Ms.

Education
* Requires a bachelor's degree in Information Technology or a related field.
* Equivalent industry experience may be substituted.
* Possesses an IAM I/IAT II Certification, or greater

Experience
* 5-7 years year relevant industry experience is required,
* Preferred experience working with ISSMs to create and manage POA&Ms.

* Preferred experience with Draper's Security stack/toolset and the ability to write queries and scripts.

Additional Job Description:

Applicants selected for this position will be required to obtain and maintain a government security clearance.

Current Top Secret security clearance is required.

Connect With Draper for Future Opportunities! If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.

Job Location - City:

Cambridge

Job Location - State:

Massachusetts

Job Location - Postal Code:

02139-3563

Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.

Equal Employment Opportunity:

Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer. We understand the value of diversity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.

Applied = 0
MORE JOBS LIKE THIS

(web-6f6965f9bf-tv2z2)