Peraton Corporation

  • Senior Governance Risk and Compliance Analyst/Engineer

    Job Locations US-VA-Herndon
    Posted Date 2 months ago(10/15/2018 11:28 AM)
    Requisition ID
    2018-6667
    Category
    Information Technology
    Clearance Status
    None
    Security Clearance
    None
  • Overview

    Peraton is actively seeking a Senior Governance, Risk and Compliance Analyst/Engineer to support our Corporate Cyber-Security efforts in Herndon, VA

    Responsibilities

    • Plans and coordinates the operational activities to guarantee compliance with governmental regulations and ordinances. The role will also develop risk management strategies to avoid non-compliance and file compliance reports.
    • Some specific duties for the position may include ensuring that all policies and procedures are implemented and well documented, performing internal reviews, and identifying compliance problems that call for formal attention.
    • Maintain IT risk identification, mitigation and acceptance processes in coordination with security and IT operations. Works with business and functional areas to perform risk assessments and make appropriate risk treatment decisions.
    • Help design, deploy and maintain the IT general control framework that is consistent with NIST RMF.
    • Maintenance and reporting of key information security metrics and reports for both operational management and corporate executives.
    • Perform IT risk mitigation and remediation to address IT control deficiencies and IT risks identified through IT audits or IT risk assessments.
    • Monitors regulatory environment for impact on security and IT risk programs and initiatives.
    • Updates and maintains policies, standards, and procedures to enhance security within the organization. Regularly review the policies, standards and procedures to confirm they are current with existing threat landscape.
    • Responsible for performing information security risk assessments according to defined scope.
    • Maintain the Supplier Risk Management (SRM) program to identify and mitigate the risk of third party relationships.
    • Monitors compliance for all appropriate regulatory requirements including DFARS/NIST 800-171, NIST 800-53, NIST Cybersecurity Framework, ITAR, and other Federal regulations, including any new regulatory initiatives applicable to the business (e.g. GDPR).

    Qualifications

    REQUIRED:

    • Bachelor’s degree in computer science, information systems, engineering, business and 10 years of experience
    • Good understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.)
    • Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management.
    • Possess a good understanding of appropriate leading-edge governance-enabling technologies.
    • Demonstrated ability to build effective, cohesive and collaborative team.
    • Ability to analyze complex problems, identify root cause and recommend/negotiate reasonable solutions.
    • Ability to work with and guide the company’s operational units in managing overall risk, complying with Federal mandates, and meeting client security requirements.

    DESIRED:

    • CISSP, CISA, or information security professional certification applicable to risk management
    • Experience with Federal or DoD security policies, frameworks, and operating environments 
    • Experience in FISMA/NIST or other Federal Assessment and Authorization (A&A) process, tools, and documentation (SSP, POA&M, CP, CM Plan, and others)
    • Experience with GRC automation software, ServiceNow, or other compliance and workflow tools.

    About Peraton

    Peraton provides innovative, reliable solutions to the nation’s most sensitive and mission-critical programs and systems. Peraton has significant experience providing highly differentiated secure communications, space, and technology solutions to key customers, and has become a trusted partner on missions that are critical to the security priorities of the United States. Capabilities include complex software and technology services and solutions, as well as end-to-end mission operations abilities, including Software Systems Development, Cyber, Modeling & Simulation, Mission Operations, Signal Intelligence (SIGINT), and Quick Reaction Capabilities (QRC) / Research & Development. The company is headquartered in Herndon, VA, with approximately 3,500 employees across the U.S. and Canada. 

    EEO Statement

    We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.