ISSO

Job Summary:
We are seeking an experienced and highly motivated Information Systems Security Officer (ISSO) to join our team. The ISSO will be responsible for managing the security and integrity of information systems in compliance with Risk Management Framework (RMF) policies and procedures. This role involves working closely with government customers, security teams, and other stakeholders to ensure the security posture of our systems, maintain compliance with cybersecurity standards, and perform assessments and risk analysis.

Duties and Responsibilities:

• Perform tasks delegated by the ISSM in support of information assurance programs, including security authorization activities in compliance with RMF policies and procedures.
• Develop and maintain System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).
• Ensure that operational security posture is maintained by establishing and enforcing security policies, standards, and procedures.
• Conduct vulnerability/risk assessments to support the Assessment & Authorization (A&A) process.
• Analyze system audit logs to identify anomalous activities and potential threats to network resources.
• Perform vulnerability scans and identify weaknesses in security systems, recommending necessary actions.
• Ensure that cybersecurity-enabled products or other compensating security controls mitigate identified risks to acceptable levels.
• Apply cybersecurity principles, policies, and techniques to maintain the security integrity of information systems, especially those processing classified information.
• Conduct security reviews and identify gaps in security architecture, offering recommendations to mitigate risks.
• Collaborate with government customers to respond to computer security incidents and ensure vulnerability compliance.
• Input and maintain system documentation into government record-keeping systems such as Xacta.
• Provide Configuration Management for security-relevant information system software, hardware, and firmware.
• Perform risk analysis for any major changes to applications or systems.
• Provide input to RMF process activities and documentation to ensure compliance.

Required Qualifications:

• Active TS clearance with SCI eligibility OR TS/SCI clearance adjudication with current polygraph OR the ability to pass a polygraph.
• Bachelor's degree in a relevant technical (STEM) field with 8+ years of relevant experience, or 12+ years of experience in lieu of a degree.
• Minimum of 8 years of experience as an Information Assurance (IA) / Security Specialist with Office of Management and Budget (OMB) Information Security directives/policy compliance.
• Experience in creating and managing policies for Federal or DoD Information Security Programs.
• Experience performing Security Control Assessments in compliance with NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 series guidelines.
• Experience with risk analysis and assessment, incorporating system/mission owners and unique operational constraints.
• Active certification such as Security+, CISSP, CISA, or equivalent (DoD 8570 IAM 2 equivalent).
• Experience with Xacta for system documentation and compliance tracking.
• Excellent written and verbal communication skills.
• Strong critical thinking and problem-solving abilities.

Desired Qualifications:

• In-depth knowledge of FISMA and NIST Information Security Guidelines.
• Understanding of FISMA, NIST, and OMB Federal Information System requirements.
• Experience with the CSAM tool is preferred.
• Familiarity with FISCAM compliance requirements.
• Experience with Amazon Web Services (AWS) and cloud-based security architectures.

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.