Information Security Analyst Co-Op

Overview

Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation. For more information about Draper, visit www.draper.com.

Our work is very important to us, but so is our life outside of work. Draper supports many programs to improve work-life balance including workplace flexibility, employee clubs ranging from photography to yoga, health and finance workshops, off site social events and discounts to local museums and cultural activities. If this specific job opportunity and the chance to work at a nationally renowned R&D innovation company appeals to you, apply now www.draper.com/careers.

Equal Employment Opportunity

Draper is committed to creating a diverse environment and is proud to be an affirmative action and equal opportunity employer.   We understand the value of diversity and its impact on a high-performance culture.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.   

Draper is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please contact hr@draper.com.

Responsibilities

The Information Security Analyst Co-Op is responsible for implementing, troubleshooting, and supporting information security infrastructure at Draper. This infrastructure includes the solution’s hardware/software, patching, upgrades, and configuration management. The position must also work closely with other members of the Information Security team to monitor and maintain Draper's other security systems, mitigating threats to Draper's network including the triaging and remediation of alerts.

Essential Functions:

Note: All essential functions percent time allotment estimates vary based on many factors, some of which including but not limited to organizational needs, applicants areas of interest, and applicants aptitude.

• Motivated self-starter that can perform research and apply knowledge whilst being confident to ask for insight, guidance, feedback, and support. There will be regularly scheduled check-ins on a cadence on top of shadowing and general projects that will involve collaboration, but one should escalate for aid/guidance as one feels it is warranted.
• Work on long term and short term projects for continual improvement of Enterprise InfoSec that will be an estimated ~10%-50% of hours worked. These will be both team and individually lead with mentor guidance and support.
• Alert Triage/Tuning and Incident Response – estimated ~20%-40% of hours worked.
• Ticket Triage – estimated 10%-30% of hours worked. These range from network segment design, software security assessments with Legal weigh in, cross-team coordination, governance, and more that will provide insight into many items InfoSec has oversight in and considerations around Governance, Risk, and Compliance that have to be made to support engineering and the business at large. This will include meeting with internal customers, as needed, to discuss their success criteria and come to a potential computing security minded solution.
• InfoSec Systems Administration and Continual Improvement – 10%-40% of hours worked depending on organizational needs and applicant’s areas of interest and aptitude. Solutions may include but are not limited to: (H)IPS, DLP, FDE, AV, firewalls, VPN, EDR, EPM, VMS, SIEM, Access Control, etc.
• InfoSec and larger organizational technical and organizational meetings shadowing/participation – 10-30% of hours worked depending on organizational needs and applicant’s areas of interest and aptitude.

Qualifications

Required:

• US Citizen per compliance requirements a DOD contractor must adhere to.
• Occasional off-hour support is necessary to support maintenance windows and incident response scenarios, but we’ll be mindful of the student’s schedule if they are taking classes or have a secondary job that needs to be scheduled around. If an incident arises at 4:50PM on a Wednesday and the student is scheduled to leave at 5PM, it’d be appreciated if they stay to work the incident rather than giving the group a heads up and leaving for the day. Hours can be flexible with managerial approval.

Preferred:

• Basic introductory courses taken in Computing Security, Computer Science, Information Technologies, Engineering OR equivalent experience greatly preferred (certificates in cybersecurity from accredited institutions will be recognized)
• Degree programs that require feedback and grading of student performance for graduation. It is welcome if a degree program requires a student to (privately) grade and submit feedback the program feedback of the company’s performance.
• Experience with various operating systems such as Windows, Linux, MacOS, Android, iOS
• Experience programming, API hook-ins, automation, discrete math logic, SQL
• Experience with regular expressions
• 1+ year of experience in IT Security or Systems Administration roles or classes relating to such roles.
• Excellent written and verbal communication skills
• Ability to obtain and maintain a government security clearance is required if Draper has openings to hire and a student would like to come back full time at a later date in the same or a different (but related) department.