Senior Information Assurance/Security Engineer (ISSE)

at  Peraton

ABOUT PERATON

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

QUALIFICATIONS

Required Qualifications:

• 10 years of experience that includes supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF, BS degree; 8 years of experience with a masters; an additional 4 years of experience required in lieu of a degree (will consider at Staff level with the appropriate years of experience)
• Experience working with software developers and architects to understand security requirements
• Experience guiding application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
• DISA STIGs and STIG Viewer experience
• Hands-on experience in developing and validating control implementations and test procedures
• Knowledge of current security risks and protocols
• DoD Approved 8570 IA Technical (IAT)/IA Management (IAM) Level 2 Certification (e.g., Security+)
• RMF, Xacta experience
• Active TS clearance a djudication with the ability to obtain SCI and polygraph
• Willing to work 100% onsite in a secure environment

Desired Qualifications:

• Experience working with AWS/Google cloud-hosted information systems or applications
• Experience working with Redhat or CentOS Linux operating systems
• Experience working in a DevSecOps environment and tool chain
• Creating and using security tools and processes for scanning, testing, monitoring, and reporting
• Experience in planning and overseeing configuration changes for major applications across multiple networks
• Good analytic and problem-solving skills

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton’s National Programs Business Intelligence Systems & Applications Operating Unit has a need for an experienced ISSE to support its SITE III JIOC contract charged with the orchestration, sustainment, and evolution of a portfolio of applications that focus on Collection Management, Intelligence Surveillance and Reconnaissance (ISR) and intelligence operations that directly support intelligence analysts, operations, and collection managers across the Combatant Commands.
The SITE III JIOC contract is designed to establish and ensure a multi-discipline approach to requirements engineering, solutions engineering, scheduling, reliability, resiliency, services development, integration, test and evaluation, maintainability and analysis across the National apparatus of Defense Intelligence, Combatant Commands, supporting Partner Nations and other Federal Agencies to ensure timely and accurate Joint Intelligence Operations (JIOC) collection, correlation and dissemination. Our support team applies best practices in architecture design, data science, cloud services, DevSecOps and platform integration to develop, sustain and continually evolve the enterprise business systems environment, systems integration, and back-end business process workflows.
Responsible for conducting information system security engineering activities. Develop and implement security designs for new or existing network system(s) and ensure that the design of hardware, operating systems and software applications adequately address cyber security requirements and security controls identified during system categorization and control selection. Verify compliance with required configuration guidance and support testing and validation of security designs for a system in a test environment Assist with the execution of integration testing to ensure safeguards supporting data protections and system connections are functioning as expected and producing desired results. Continuously monitor security designs for a system in a production environment, ensuring control implementations support and align with the continuous monitoring strategy. Respond to risk based on the results of ongoing monitoring activities, risk assessments, and outstanding items in plans of action and milestones. Assist with the provisioning of security metrics.