Security Analyst
Herndon, VA, United States
Full Time Entry-level / Junior USD 86K - 138K
Peraton
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly...Responsibilities
Description
Peraton is seeking a Security Analyst to join our team of qualified, diverse individuals. This position is located in Herndon, VA with some remote work possible. The qualified applicant will become part of Peraton's Department of State (DOS) Consular Systems Modernization (CSM) Program, for the Bureau of Consular Affairs (CA). This initiative will modernize and consolidate the operational environment under a common technology framework in order to better support the services provided to CA’s customers.
Roles and Responsibilities:
- Ensure compliance with all systems security requirements and updates, providing guidance and instruction as necessary to personnel and development teams.
- Ensure Configuration Management (CM) for security-relevant software, hardware, and firmware is documented and maintained.
- Support ATO/certification and accreditation activities ensuring that system security requirements are met.
- Support and track resolving Vulnerability Alerts and Plan of Action and Milestones (POAMs)
- Track status of all system ATOs and recertification efforts.
- Work with architecture and development teams to document security control implementation in accordance and compliance with NIST 800-53 rev 4 control requirements.
- Work with team to initiate protective and corrective measures when a security incident or vulnerability is discovered.
- Maintain relationships with customer security counterparts.
DOSCSM
Qualifications
Basic Qualifications:
- Bachelor's degree in a related field and at least 5 years’ experience.
- Experience supporting the Accreditation and Certification process and obtaining an Approval To Operate (ATO) in accordance with the U.S Federal Information Systems Risk Management Framework (RMF).
- Experience in the NIST Framework and ISO Standards.
- Experience in tracking and resolving Vulnerability Alerts and Plan of Action and Milestones (POAMs).
- Experience with writing security controls implementation statements for systems in development to deliver for evaluation and testing to the RMF4 team in support of ATO per NIST 800-53 rev4 control set.
- Experience developing artifacts for the System Security Plan (SSP).
- Experience working with in Agile/Scrum.
- Experience working on multiple concurrent activities such as simultaneous ATOs.
- Excellent communication skills, both verbally and in writing to effectively interact with multiple teams both internal and external and client interaction.
- Must have a current, Secret (or higher) clearance. Interim clearances are acceptable.
Preferred Qualifications:
- Experience with security controls and ATO process for cloud-based environments including deploying solutions on public/hybrid clouds.
- Familiarity with DevSecOps, SDLC, CI/CD pipelines, and related Agile processes.
- Familiarity with any of the following: Jenkins, Docker, or other CD integration tools, and Fortify, CaST, or other SAST\DAST testing tools.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.Tags: Agile CI/CD Clearance Cloud Compliance DAST DevSecOps Docker NIST NIST 800-53 POA&M Risk management RMF SAST Scrum SDLC System Security Plan
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs