Draper Information Systems Security Manager(Jr ISSM) in Cambridge, Massachusetts
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 1,800 employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.
Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.
Equal Employment Opportunity
Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer. We understand the value of diversity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.
Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact email@example.com.
This position will perform the tasks of an Information Systems Security Manger (ISSM) for multiple Department of Defense (DoD) programs. The ISSM will work under the direction of the ISSM Lead. Candidates must be knowledgeable of information technology and security principles. This is a multi-tasking environment that demands customer service, communication, and organizational skills.
Perform oversight of the development, implementation and evaluation of information systems security program for assigned programs in compliance with NISPOM RMF.
Design, develop, and recommend integrated security solutions for multiple classified IS with various operating systems.
Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM) including participation in system categorization.
Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate.
Apply cyber security standards, directives, guidance and policies to special programs classified computing environments.
Investigate security incidents to include data spills, data integrity incidents, and malicious code incidents.
Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
Provide support to other cybersecurity personnel for maintaining appropriate operation information assurance (IA) posture for programs.
DoD Directive 8570.1 IAM Level I or higher certification. (CISSP preferred)
Active SECRET security clearance or recently active TOP SECRET clearance within 24 months.
1-5 years experience as an ISSO or ISSM implementing NISPOM Chapter 8, DIACAP/NIST RMF, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements.
Experience administering the system functions including security policies and account management of Microsoft Windows and Server as well as Linux/Unix-based systems.
Bachelor’s degree in Computer Science, or related discipline from an accredited college or university. Experience as an ISSM may be substituted for a Bachelor’s degree.
Ability to work in a team environment as well as independently, demonstrate excellent problem solving abilities, be well organized, flexible, and self-motivated.
Familiarity conducting vulnerability scans.
Experience conducting security analysis to include security categorizations and risk assessments.
DoD Directive 8570.1 IAM Level III certification. (CISSP preferred)
Experience managing ISSO's
- Secret Clearance required.
** Draper has implemented a mandatory COVID-19 vaccination requirement for all Draper employees. This will be a condition of employment to work at Draper.
External Company Name: The Charles Stark Draper Laboratory Inc