ClearanceJobs
Information Systems Security Manager (ISSM) 1
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com. Job Description
The ISSM 1 supports the Information Assurance (IA) efforts for multiple Department of Defense (DoD) and/or Special Program information systems. The ISSM 1 is familiar with the implementation of NIST SP 800-53 and its application with respect to the DAAPM, JSIG, or ICD 503. The ISSM 1 performs the development, implementation, and evaluation of information system security for assigned programs in compliance with the Risk Management Framework (RMF) as outlined in either the DAAPM, JSIG, or ICD 503. The ISSM 1 will work under the direction of the Cybersecurity Manager and does not manage direct reports. Duties/Responsibilities
Use cyber defense tools for continuous monitoring and analysis of systems to identify malicious activity. Document and escalate incidents that may cause ongoing and immediate impact to the environment. Perform cyber defense trend analysis and reporting. Work with stakeholders to resolve computer security incidents and vulnerability compliance. Perform risk analysis whenever an application or system is implemented or changed. Ensure successful implementation and functionality of security requirements and appropriate IT policies and procedures. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Perform other duties as assigned. Skills/Abilities
Ability to configure and review security functions of information systems. Ability to conduct security analyses, including security configurations and risk assessments. Familiarity working with DoD/IC Security Control Assessors. Familiarity with C2G/C2C interconnected systems and/or Wide Area Network (WAN) environments. Understanding of virtual environments and containerization tools/technologies. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. Ability to apply techniques for detecting host and network based intrusions using intrusion detection technologies. Ability to function effectively in a dynamic, fast paced environment. Strong interpersonal skills with effective verbal and written communication skills. Clear and structured thought processes and coherent decision making skills. Education
Associates Degree in Computer Science, Cybersecurity, Information Technology or equivalent field of study required. Experience
Minimum of 1 year of experience as an ISSO or similar, implementing DCSA Assessment and Authorization Process Manual (DAAPM), DoD Joint Special Access Program Implementation Guide (JSIG), and/or Intelligence Community Directive (ICD) 503 Risk Management, Certification and Accreditation requirements. Job Location
Cambridge, Massachusetts 02139-3563
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com. Job Description
The ISSM 1 supports the Information Assurance (IA) efforts for multiple Department of Defense (DoD) and/or Special Program information systems. The ISSM 1 is familiar with the implementation of NIST SP 800-53 and its application with respect to the DAAPM, JSIG, or ICD 503. The ISSM 1 performs the development, implementation, and evaluation of information system security for assigned programs in compliance with the Risk Management Framework (RMF) as outlined in either the DAAPM, JSIG, or ICD 503. The ISSM 1 will work under the direction of the Cybersecurity Manager and does not manage direct reports. Duties/Responsibilities
Use cyber defense tools for continuous monitoring and analysis of systems to identify malicious activity. Document and escalate incidents that may cause ongoing and immediate impact to the environment. Perform cyber defense trend analysis and reporting. Work with stakeholders to resolve computer security incidents and vulnerability compliance. Perform risk analysis whenever an application or system is implemented or changed. Ensure successful implementation and functionality of security requirements and appropriate IT policies and procedures. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Perform other duties as assigned. Skills/Abilities
Ability to configure and review security functions of information systems. Ability to conduct security analyses, including security configurations and risk assessments. Familiarity working with DoD/IC Security Control Assessors. Familiarity with C2G/C2C interconnected systems and/or Wide Area Network (WAN) environments. Understanding of virtual environments and containerization tools/technologies. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. Ability to apply techniques for detecting host and network based intrusions using intrusion detection technologies. Ability to function effectively in a dynamic, fast paced environment. Strong interpersonal skills with effective verbal and written communication skills. Clear and structured thought processes and coherent decision making skills. Education
Associates Degree in Computer Science, Cybersecurity, Information Technology or equivalent field of study required. Experience
Minimum of 1 year of experience as an ISSO or similar, implementing DCSA Assessment and Authorization Process Manual (DAAPM), DoD Joint Special Access Program Implementation Guide (JSIG), and/or Intelligence Community Directive (ICD) 503 Risk Management, Certification and Accreditation requirements. Job Location
Cambridge, Massachusetts 02139-3563