• Sr. Computer Security Analyst (ISSM)

    Job Location US-MA-Cambridge
    Posted Date 3 weeks ago(10/3/2018 1:48 PM)
    Requisition ID
  • Overview

    Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 1,700 employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.


    Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.



    Equal Employment Opportunity

    Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer.   We understand the value of diversity and its impact on a high-performance culture.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.   


    Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.


    This position will perform the functions of the Information System Security Manager (ISSM) for multiple Department of Defense (DoD) and Intelligence Community (IC) programs.  An ISSM is an individual who serves as a principal advisor on all matters, technical and otherwise, involving the security of information systems (IS) under his/her purview.  The Senior Computer Security Analyst will work under the direction of the Manager of Special Programs Information Systems Security, and will work closely with Information System Security Officers (ISSOs) to ensure the confidentiality, integrity, and availability of multiple classified computer systems.  When circumstances warrant, the Senior Computer Security Analyst may fill both the ISSM and the ISSO roles.  Candidates must be knowledgeable of information technology and security principles.  This is a multi-tasking environment that demands technical proficiency, customer service, communication, and organizational skills.



    • Develop and maintain the information systems security program for assigned programs/systems in compliance with NISPOM, DCID 6/3, JAFAN 6/3, ICD 503, JSIG RMF, and Draper policy.
    • Apply cyber security standards including DISA STIGs, RMF security controls (SP 800-53, SP 800-171, CNSSI 1253), and Draper policies and procedures to special programs computing systems.
    • Prepare and maintain security Assessment and Authorization (A&A) documentation (e.g., IA SOP, SSP, RAR, SCTM) including participation in system categorization.
    • Act as the primary IS security liaison between Draper and government sponsor counterparts for matters primarily concerning their assigned systems/programs.
    • Perform Continuous Monitoring of security controls, to include audit log review, security patching, compliance scanning, configuration management, account management, vulnerability management, control status reporting).
    • Lead and participate in security incident response as necessary, including spill remediation, intrusion and malicious code detection and investigation, reporting, and mitigations to prevent reoccurrence.
    • Supports awareness and training objectives by leading group and individual training sessions, reviewing policies and materials, and suggesting program improvements.
    • Assume ISSO responsibilities in the absence of the ISSO.
    • Coordinate with and assist other Draper security and information systems stakeholders as required.
    • Essential functions include, but are not limited to, the ISSM and ISSO responsibilities outlined in the Department of Defense (DOD) Joint Special Access Program (SAP) Implementation Guide (JSIG), and the National Industrial Security Program Operating Manual (NISPOM)
    • Perform other duties as assigned by the Manager of Special Programs Information Systems Security.



    Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, or related discipline from an accredited college or university.  Advanced degree in Cybersecurity, management, or relevant technical area preferred.  Other formal training and demonstrated proficiency/experience will also be considered in place of an advanced degree.

    • Experience administering the system functions including security policies and account management of Microsoft Windows and Server as well as Linux/Unix-based systems.
    • DoD Directive 8570.1 IAM Level I or higher certification. (CISSP preferred)
    • Additional training and certifications preferred in areas including operating systems, computing environment, networking, and computer network defense
    • Ability to perform advanced computer management tasks, such as process automation, scripting, and deployment/use of enterprise management tools
    • Experience deploying/managing information systems in isolated/standalone environments.
    • 4+ years’ relevant experience, such as an ISSO, ISSM, or System Administrator implementing NISPOM Chapter 8, DIACAP/NIST RMF, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG requirements.
    • Ability to work in a team environment as well as independently, demonstrate excellent problem solving abilities, be well organized, flexible, and self-motivated.
    • Requires active TOP SECRET security clearance with Sensitive Compartmented Information (SCI) access eligibility
    • Demonstrated leadership potential and experience in teaching/mentoring junior staff.



    • Able to use small tools and work in computer chassis or racks
    • Able to lift at least 30lbs on own



    Office environment

    Labs (electrical, chemical, mechanical)

    Data centers / server rooms





    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on social media

    Connect With Draper for Future Opportunities!

    If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.