×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Network Security Systems Administrator

Information System Security Officer

Job in Cambridge, Middlesex County, Massachusetts, 02139, USA
Listing for: Draper Labs
Full Time, Part Time position
Listed on 2026-02-15
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Network Security, Systems Administrator
Job Description & How to Apply Below
Position: Information System Security Officer 2

Overview:

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation.

For more information about Draper, visit



Job Description

Summary:

The Information System Security Officer 2 (ISSO) supports the continuous monitoring and authorization efforts of multiple classified information systems under the direction of the Information System Security Manager (ISSM). Performing a variety of technical, and non-technical Cyber Security functions. Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness. In close coordination with the ISSM and ISO, the ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the SSP, managing and controlling changes to the system, and assessing the security impact of those changes.

Job Description:

Duties/Responsibilities

* Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM.

* Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.

* Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.

* Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.

* Conduct periodic reviews of information systems to ensure compliance with the security authorization package.

* Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.

* Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization.

* Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.

* Ensure all IS security-related documentation is current and accessible to properly authorized individuals.

* Conduct Audits and Continuous Monitoring (Con Mon) activities using available technical and non-technical processes, reports Audit and Con Mon findings, Execute incident response and attends and contributes to status meetings.

* Manage configuration baselines of both hardware and software

* Identify system architecture flaws using industry standard tools (e.g. STIG, SCAP, Nessus) that will be flowed to the ISSM for review.

* Mentors and coaches ISSO 1.

* Performs other duties as assigned.

Skills/Abilities

* Fundamental understanding of common auditing techniques

* Understanding of RMF (NIST SP 800-53, JSIG, DAAPM, ICD 503), IR, Vulnerability Management, SCAP, STIG, and Security-Relevant Tools.

* Understands Information Technology basics.

* Awareness of network type designations (e.g. WAN, LAN) and associated infrastructure (e.g. Servers, switches, firewalls).

Education

* Requires a bachelor's degree in Information Technology or a related field.

* Equivalent industry experience may be substituted.

* Possesses an IAM I/IAT II Certification, or greater.

Experience:

* 3-5 years year relevant industry experience is required,

* Preferred experience with auditing systems using native language (PS/BASH), with tools and basic scripts / queries, and experience working with ISSMs to create and manage POA&Ms.

Additional

Job Description:

Applicants selected for this position will be required to obtain and maintain a government security clearance.

Current in scope Secret security clearance is required with the ability to obtain Top Secret clearance required.

Connect With Draper for Future Opportunities! If you don't find the right…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search