Clearance Jobs
Information Systems Security Analyst
Clearance Jobs, Cambridge, Massachusetts, United States, 02141
Senior Information Systems Security Analyst
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com. The Senior Information Systems Security Analyst supports the day-to-day activities of users, perform system maintenance, and upkeep of Information Technology. As well as provide the development, documentation, and deployment of IT Infrastructure and Operation. Responsible for vulnerability management, network defense, cybersecurity auditing, and driving procedure development and implementation. Direct the security configuration and management of multiple collateral classified and unclassified systems and networks in a variety of traditional and virtual environments including VMware, Redhat Linux, CentOS, Cisco, Palo Alto, and Windows. Ensure systems are operated, maintained, and disposed of in accordance with the organization's security policies and procedures. Train and mentor junior level security staff in continuous monitoring practices. Duties/Responsibilities: Develop processes to collect, analyze, and present cybersecurity metrics for senior management and relevant stakeholders. Define and create processes to conduct network, system, and application vulnerability scanning, remediation, and patch management. Responsible for implementing access control, resetting passwords, account creation, and general administration. Responsible for day to day support and maintenance of IT infrastructure systems (e.g. servers, workstations, switches, routers, firewalls, intrusion prevention systems, encryption devices). Maintain and update documentation, including standard operating procedures, network drawings, and configuration documentation. Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure security compliance is implemented and all necessary systems are functional. Provide resolutions to an assortment of customer defined problems of moderately complex scope. Ask appropriate questions and use knowledge and resources to diagnose and resolve basic technical issues. Troubleshoots and solves problems without violating the security architecture requirements of the systems they are assigned. Provides system troubleshooting, vendor coordination, software patching, system deployment, license management, hardware and software management, and lifecycle management. Work closely with the Information Assurance group to ensure system accreditation process is followed including maintenance of standard operating procedures, network drawings and configuration documentation. Provides guidance to and may oversee the activities more junior team members. Performs other duties as assigned. Skills/Abilities: Ability to design and implement full stack cybersecurity solutions. Ability to secure multiple operating systems such as Windows, Linux and virtualization technologies. Ability to secure networks and systems utilizing DISA STIGs and/or SRGs. Knowledgeable in computer security principles and policies, including Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense Security Service (DSS) Assessment and Authorization Manual (DAAPM). Knowledge of the configuration of common operating systems such as Windows, Linux, and Cisco IOS. Knowledge of DCSA Enterprise Mission Assurance Support Service (eMASS). Education: Bachelor of Science in Information Technology or a related field is required. Security+ certification or higher level cert or be able to obtain one within 6 months of hire. Experience: 5-7 years of IT security experience in DoD Industrial Security. Additional Job Description: Applicants selected for this position will be required to obtain and maintain a government security clearance. Top secret clearance required with sci eligibility. Job Location - City: Cambridge Job Location - State: Massachusetts Job Location - Postal Code: 02139-3563 Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. Draper is committed to creating an inclusive environment. We understand the value of inclusivity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, national origin, veteran status, or genetic information. Draper is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com. The Senior Information Systems Security Analyst supports the day-to-day activities of users, perform system maintenance, and upkeep of Information Technology. As well as provide the development, documentation, and deployment of IT Infrastructure and Operation. Responsible for vulnerability management, network defense, cybersecurity auditing, and driving procedure development and implementation. Direct the security configuration and management of multiple collateral classified and unclassified systems and networks in a variety of traditional and virtual environments including VMware, Redhat Linux, CentOS, Cisco, Palo Alto, and Windows. Ensure systems are operated, maintained, and disposed of in accordance with the organization's security policies and procedures. Train and mentor junior level security staff in continuous monitoring practices. Duties/Responsibilities: Develop processes to collect, analyze, and present cybersecurity metrics for senior management and relevant stakeholders. Define and create processes to conduct network, system, and application vulnerability scanning, remediation, and patch management. Responsible for implementing access control, resetting passwords, account creation, and general administration. Responsible for day to day support and maintenance of IT infrastructure systems (e.g. servers, workstations, switches, routers, firewalls, intrusion prevention systems, encryption devices). Maintain and update documentation, including standard operating procedures, network drawings, and configuration documentation. Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure security compliance is implemented and all necessary systems are functional. Provide resolutions to an assortment of customer defined problems of moderately complex scope. Ask appropriate questions and use knowledge and resources to diagnose and resolve basic technical issues. Troubleshoots and solves problems without violating the security architecture requirements of the systems they are assigned. Provides system troubleshooting, vendor coordination, software patching, system deployment, license management, hardware and software management, and lifecycle management. Work closely with the Information Assurance group to ensure system accreditation process is followed including maintenance of standard operating procedures, network drawings and configuration documentation. Provides guidance to and may oversee the activities more junior team members. Performs other duties as assigned. Skills/Abilities: Ability to design and implement full stack cybersecurity solutions. Ability to secure multiple operating systems such as Windows, Linux and virtualization technologies. Ability to secure networks and systems utilizing DISA STIGs and/or SRGs. Knowledgeable in computer security principles and policies, including Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense Security Service (DSS) Assessment and Authorization Manual (DAAPM). Knowledge of the configuration of common operating systems such as Windows, Linux, and Cisco IOS. Knowledge of DCSA Enterprise Mission Assurance Support Service (eMASS). Education: Bachelor of Science in Information Technology or a related field is required. Security+ certification or higher level cert or be able to obtain one within 6 months of hire. Experience: 5-7 years of IT security experience in DoD Industrial Security. Additional Job Description: Applicants selected for this position will be required to obtain and maintain a government security clearance. Top secret clearance required with sci eligibility. Job Location - City: Cambridge Job Location - State: Massachusetts Job Location - Postal Code: 02139-3563 Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. Draper is committed to creating an inclusive environment. We understand the value of inclusivity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, national origin, veteran status, or genetic information. Draper is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.