ISSO

ISSO responsibilities for new or existing system(s) may include:

• Perform tasks delegated by the ISSM in support of various information assurance programs such as security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures including System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM)
• Maintain operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed
• Perform vulnerability/risk assessment analysis to support Assessment & Authorization (A&A)
• Reviews and analyzes system audit logs to identify anomalous activity and potential threats to network resources
• Conduct vulnerability scans and recognizing vulnerabilities in security systems
• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels
• Apply a full range of Cybersecurity policies, principles, and techniques to maintain the security integrity of information systems processing classified information
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk
• Work with government customers to support computer security incidents and vulnerability compliance
• Input and maintain system documentation into government record-keeping systems Xacta
• Provide Configuration Management for security-relevant information system software, hardware, and firmware;
• Perform risk analysis whenever an application or system undergoes a major change
• Provide input to the Risk Management Framework process activities and related documentation

Full time work in SCIF is required, but hours are flexible

Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

Required Qualifications:

• Active TS with SCI eligibility OR TS/SCI clearance adjudication, with current poly OR ability to pass a poly
• Bachelor’s degree in a relevant technical (STEM) field of study with 8+ years of relevant experience. Additional 4 years experience may be considered in lieu of degree
• Minimum 8 years experience as an IA/Security Specialist and Office of Management and Budget (OMB) Information Security directives/policy compliance
• Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs
• Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series
• Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints
• Must hold active Security+, CISSP, CISA, or equivalent certifications (DoD 8570 IAM 2 equivalent)
• Experience with XACTA
• Demonstrate advanced written and verbal communication skills
• Demonstrate critical thinking and problem-solving skills

Desired Qualifications:

• Experience and in-depth working knowledge of FISMA and NIST Information Security Guides
• Understanding of FISMA, NIST, and Office of Management and Budget (OMB) Federal Information System requirements
• CSAM tool experience is preferred
• Understanding of FISCAM compliance
• Experience with Amazon Web Services (AWS)

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.