Information Security Manager
Washington, DC, United States
Full Time Senior-level / Expert Clearance required USD 104K - 166K
Peraton
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly...Responsibilities
Provides technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Designs, develops, and implements security requirements within an organization’s business processes. Prepares documentation from information obtained from customer using accepted guidelines. Prepares security test and evaluation plans. Provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps. Recommends system enhancements to improve security deficiencies. Develops, tests, and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies.
Key Responsibilities:
- Participate in governance boards, such as the ARB, ERB, TRB, Change Control Board (CCB), and provide and advise on best practices for managing the lifecycle of system changes with minimal disruption to enterprise IT services.
- Develop and grow existing and new team members to foster collaboration, career development, and a culture of ownership and accountability.
- Lead all security-related activities on the program.
- Create and maintain documentation in the O&M manual and SOPs for all security- related hardware and software.
- Develop and maintain security Work Plan across all SecOps task areas.
- Administer, configure and manage security-related tools, sensors, and devices to include maintaining the latest malware device signature.
- Update tools signatures to detect the latest cyber threats.
- Establish device security settings and configurations in accordance with enterprise security guidance. This includes access control, audit, and network configuration settings.
- Collect, aggregate, and review Intrusion Detection System/Intrusion Prevention System (IDS)/IPS) data from network sensors, including raw data from collection agents, firewalls, proxy servers, Data Loss Prevention (DLP), antivirus, vulnerability scanner elements and other security-relevant devices centralized in the Security Incident Event Management (SIEM) system.
- Ensure all systems and network configurations are meeting USAID secure configuration baselines and document any deviations according to the Security Assessment and Authorization (SA&A) process.
- Support ISSO for continuous monitoring and SA&A activities.
- Support 1/3 controls testing annually.
- Provision of Elevated Privilege access rights for all Agency applications.
*Contingent on Contract Award*
Qualifications
Basic Qualification:
- U.S. Citizen
- An active SECRET or the ability to obtain a SECRET Clearance.
- Bachelor’s degree with 10 years, master’s degree with 8 years; four (4) years of experience can be substituted in lieu of a bachelor’s degree.
- Must hold a Certified Information Systems Security Professional (CISSP) certification.
- Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs.
- Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.
- Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints.
- Experience performing Security Control Assessments in accordance with NIST 800 guide series.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Target Salary Range
$104,000 - $166,000. This represents the typical salary range for this position based on experience and other factors.Tags: Antivirus Audits CISSP Clearance DoD Firewalls Governance IDS Intrusion detection Intrusion prevention IPS Malware Monitoring Network security NIST Risk analysis SecOps Security assessment SIEM Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs