Cybersecurity Risk Analyst

Draper
Cambridge, MA
Job Description
Role Overview

The Cybersecurity Risk Analyst is a member of Draper’s Cybersecurity Risk Management team, responsible for unclassified information system risk and compliance efforts. This role contributes to the Cybersecurity Risk Management team in applying contractual and regulatory requirements to include DFARS and CMMC to Draper’s unclassified computing environments.

What You Will Do

Serve as a subject matter expert for cybersecurity risk management and compliance frameworks, lead CMMC compliance and certification efforts, provide technical risk guidance on cloud security and hybrid infrastructures, and conduct continuous monitoring of security controls.

Why It Might Be a Fit

This role requires a strong working knowledge of NIST SP 800-171, NIST SP 800-53, CMMC, NIST Risk Management Framework (RMF), and the ability to develop organizational cybersecurity policy, procedures, standards, and guidelines.

Requirements

  • Bachelor’s degree in Information Systems, Cybersecurity, or related field (or equivalent experience)
  • 4 years of cybersecurity and IT experience, including compliance, risk management, and assessment roles
  • Ability to obtain a Secret clearance is required

Benefits

  • workplace flexibility
  • employee clubs
  • health and finance workshops
  • off site social events
  • discounts to local museums and cultural activities
]]>