Senior Information Systems Engineer

Peraton is seeking a Senior Information Systems Engineer (Endpoint Security & C&A) to provide advanced security engineering, endpoint device management, certification/accreditation (C&A), and federal vulnerability reporting support. The position will be in support of the Information Technology Service Desk and Engineering Support program for a Contract at U. S. Department of Health and Human Services.

 

The Information Systems Engineer will play a critical role in designing, testing, and implementing endpoint and network security solutions, ensuring compliance with NIST, FISMA, FedRAMP, CISA Binding Operational Directives (BODs), and HHS OIG standards. This position requires hands-on expertise in endpoint engineering, vulnerability reporting, security architecture, and certification/accreditation processes, with an emphasis on presenting security findings and remediation strategies to management.

 

What you'll do:

 

Security Engineering

• Support Government-furnished security services assets plus systems, including refreshes and upgrades. Deliver monthly status reports.
• Engineer security solutions for hardware, software, and services to protect networks from unauthorized devices, users, and malicious code.
• Provide security engineering support in compliance with federal and HHS security mandates, including NIST SP 800-53, NIST SP 800-207 (Zero Trust), DISA STIGs, FedRAMP, and FIPS standards.
• Conduct security reviews of network configurations, firewall rules, and endpoint solutions, providing recommendations for continuous improvements.
• Safeguard Personally Identifiable Information (PII) in compliance with NIST SP 800-122.
• Provide real-time or near real-time log forwarding to SIEM systems and support audit requirements.

Vulnerability & Compliance Reporting

• Monitor and assess CVE and Known Exploited Vulnerability (KEV) catalogs published by CISA.
• Develop, document, and deliver reports on CVE/KEV findings, remediation timelines, and risk ratings.
• Track and report compliance with CISA Binding Operational Directives (BODs), including mandated remediation deadlines.
• Prepare executive summaries and technical reports on vulnerability management activities for leadership.
• Present vulnerability, risk, and remediation findings to management and stakeholders in a clear, actionable manner.

Endpoint Engineering & Certification/Accreditation

• Provide engineering support for endpoint devices (desktops, laptops, thin clients, tablets, mobile phones, and wearables).
• Develop technical plans for endpoint engineering, covering design, scheduling, resources, and monitoring.
• Conduct endpoint integration and security testing to ensure compliance with defined requirements and HHS-OIG policies.
• Develop and maintain endpoint-related SOPs, requirements documentation, and acceptance criteria.
• Perform regular technical reviews with Government staff and present recommendations to improve efficiency and cybersecurity concerns.
• Assist with System Security Plans (SSPs), Contingency Plans, POA&Ms, and Penetration Test Reports.
• Mitigate high-risk vulnerabilities within 30 days and moderate-risk vulnerabilities within 90 days.
• Collaborate with HHS OIG and internal technical teams regarding incidents, escalations and reporting.

Required Qualifications:

• Associates degree and 7 years, Bachelors degree and 5 years or Masters degree and 3 years or High School diploma and 9 years of experience.
• Must have experience in IT security engineering, endpoint security, vulnerability management, and C&A processes.
• Degree in Information Systems, Computer Science, Engineering, or related field (or equivalent practical experience).
• Strong knowledge of federal IT security frameworks, including:
• NIST SP 800 series (800-53, 800-122, 800-157, 800-207, etc.)
• FIPS 140-2 and FIPS 201-2
• FedRAMP standards
• FISMA requirements
• CISA Binding Operational Directives (BODs) and KEV reporting requirements
• Hands-on experience with vulnerability assessment, CVE/KEV reporting, and remediation tracking.
• Experience preparing and presenting security findings and compliance reports to executive management.
• Expertise in endpoint engineering and SIEM integration.
• Strong documentation and technical writing skills, including C&A documentation.
• This role involves direct collaboration with Government staff and requires strict adherence to security and confidentiality protocols.
• Must be able to obtain and maintain a Public Trust clearance.
• Must be a US Citizen.
• Must reside within 50 miles of Washington, DC as this is a hybrid role.

Preferred Qualifications:

• Advanced degree in Cybersecurity, Engineering, or related field.
• Security certifications such as CISSP, CISM, CISA, CEH, CompTIA Security+, or equivalent.
• Experience supporting HHS, DHS, DoD, or other federal agencies in endpoint security and compliance reporting.
• Expertise in Zero Trust Architecture, endpoint detection/response, and advanced vulnerability management solutions.
• Strong presentation and stakeholder presentation skills.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.