Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 1,600 employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.
Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.
Equal Employment Opportunity
Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer. We understand the value of diversity and its impact on a high-performance culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.
Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact firstname.lastname@example.org.
The Draper Information Security Office (InfoSec) is responsible for securing and monitoring Draper's digital assets as well as maintaining the highest level of information assurance across the enterprise. The Senior Cybersecurity Analyst will be responsible for:
• Directly support the Manager of Information Security, providing technical and supervisory leadership for the rest of the team
• Oversight of staff performing daily monitoring of network and endpoint assets, hunting for anomalous or malicious activity
• Drive Incident Response processes, taking a leadership position to ensure that such matters are identified, remediated, and have documented root cause
• Work with junior staff members to encourage growth of technical knowledge and share best practices
• Review existing, and author additional information security processes and standards
• Mentor junior staff, provide development programs for such staff and ensure technical progress of their abilities
• Handles a wide range of security issues including architectures, firewalls, electronic data traffic and network access
• Uses encryption technology, penetration and vulnerability analysis of various security technologies and information technology research
• Designs and develops new systems, applications, and solutions for enterprise wide systems and networks
• Responsible for analysis evaluation and recommendations designed to promote economy, efficiency and effectiveness in the security program
• Resolves highly complex malware and intrusion issues
• Work closely with other Draper teams to architect secure solutions that address complex requirements
• Coordinate with fellow Information Security leadership to define and plan security strategies
• Stay current with emerging information security technologies, trends, and practices
• Evaluate/Implement new cyber-security tools as well as policies to enhance Draper’s security posture
- Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques.
- Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access.
- Evaluates system security configurations. Evaluates findings and performs root cause analysis.
- Performs analysis of complex software systems to determine both functionality and intent of software systems.
- Responsible for system integration, and tools specific to Cyber and Information Operations.
- Continued training and education to stay abreast of the latest threats in global cybersecurity
• Broad technical background required, including a mastery of system and network functional areas
• Proficient with industry standard security technologies, including firewalls, IDS/IPS, SIEM tools, endpoint monitoring, etc.
• Hands on experience with incident response procedures and best practices
• Familiarity with threat intelligence process and integration
• Highly developed communication skills
• Leadership and organizational skills
• Bachelor’s Degree in Computer Science, and/or Business and/or IT Management
• Preferred: - Relevant information cyber-security certifications, including CISSP, OSCP, GCIH, GCIA, Security+ etc
• Ability to Obtain and Maintain a US Security Clearance