We are seeking a highly skilled Information Assurance/Security Engineer to support Assessment & Authorization (A&A) and cybersecurity operations across multiple mission systems. This position requires a professional with hands-on expertise in the Risk Management Framework (RMF), information system security planning, and continuous monitoring in secure government environments.
Design and implement security controls and safety measures in accordance with RMF (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.).
Lead A&A activities and produce comprehensive Information Assurance documentation across multiple systems and CLINs.
Author and maintain System Security Plans (SSPs) and supporting documentation within Xacta.
Develop Security Controls Traceability Matrices (SCTM) and Security Test Plans (STP).
Analyze system vulnerabilities, recommend mitigation strategies, and implement improvements.
Conduct log reviews, vulnerability analyses (e.g., ACAS, TwistLock, SonarQube), and apply DISA STIGs using STIG Viewer.
Create and manage Plan of Action and Milestones (POA&Ms) and work with engineers and PMs to address open findings.
Support continuous monitoring efforts and audit system usage.
Collaborate with development and architecture teams to identify, define, and satisfy security requirements.
Maintain situational awareness of network status and provide timely communications of anomalies or security events.
#spaceintel
Bachelor's degree in Cybersecurity, Computer Science, or a related field coupled with 8+ years of experience supporting A&A and RMF-based documentation and processes (6+ years with MS; 12+ years in lieu of degree may be considered).
DoD 8570 Baseline Certification (e.g., Security+, CISSP).
Experience with RMF, Xacta, SIEM tools (e.g., Splunk), and vulnerability scanning.
Practical understanding of control testing and risk assessments.
Excellent analytical and problem-solving skills.
Willingness to work flexible hours if mission needs dictate.
TS/SCI with ability to obtain a Poly
Must be able to work 100% on-site in a secure environment.
Experience with AWS or Google Cloud Platform cybersecurity practices.
Familiarity with Red Hat or CentOS Linux systems.
Prior experience working in a DevSecOps environment and toolchain.
Familiarity with agile development and CI/CD pipelines in secure settings.
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Software Powered by iCIMS
www.icims.com