Information System Security Engineer (ISSE)

The successful candidate will perform the following: 

• Support the ISSO with Log Review/Analysis using SIEM tools (Splunk, etc.) to determine appropriate actions
• Conduct Vulnerability Analysis and Review of ACAS scans
• Assist with analysis and completion of DISA STIGs to ensure STIG-compliant solutions
• Utilize DevOps, SecOps methodologies to analyze and ensure that development requirements effectively integrate security requirements throughout the entire process
• Ensure ConMon requirements are addressed at the system level
• Coordinate security activities with system leads, ISSO’s and program managers
• Determine, design, implement, and evaluate the security requirements and measures of computer systems and networks
• Assess potential risks, mitigation measures, residual risks, and providing recommendations to stakeholders
• Develop and implement technical solutions to address security vulnerabilities
• Conduct risk assessments and provide recommendations for mitigating risks
• Lead the technical aspects of internal security audits and investigations
• Ensure compliance with government regulations and industry standards
• Support and execute cloud security tasks (AWS & Azure)

Required Qualifications: 

• Experience working with software developers and architects to understand security requirements
• Experience guiding application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
• DISA STIGs and STIG Viewer experience
• Hands-on experience in developing and validating control implementations and test procedures
• Knowledge of current security risks and protocols
• DoD Approved 8570 IA Technical (IAT) Level 2 Certification (e.g., Security+)
• Active TS with SCI eligibility
• Experience that includes supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF.
• Experience working in a DevSecOps environment
• Associate's degree and 10+ years of experience, or Bachelor’s degree and 8+ years of experience, or Master’s Degree and 6+ years of experience, or 3 years with PhD. Bachelor's degree must be in one of the following fields:
  • Information Technology
  • Cybersecurity
  • Computer Science
  • Information Systems
  • Data Science
  • Software Engineering
• In lieu of a Bachelor's degree, candidate must posess a minimum 4 additional years of relevant experience and one or more of the following active certifications:
  • Cloud+
  • GSEC
  • CCSP
  • SecurityX / CASP+
  • CSSLP
  • CCSP
  • CISM
  • CISSO
  • CISSP-ISSAP
  • CISSP-ISSEP
  • FITSP-D
  • GCIA
  • GCLD
  • GCSA
  • GDSA
  • GICSP

Desired Qualifications: 

• Experience working with AWS/Google cloud-hosted information systems or applications
• Experience working with Redhat or CentOS Linux operating systems
• Creating and using security tools and processes for scanning, testing, monitoring, and reporting
• Experience in planning and overseeing configuration changes for major applications across multiple networks
• Good analytic and problem-solving skills

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.