Senior Information Assurance/Security Engineer (ISSE)

Responsibilities

Peraton’s National Programs Business Intelligence Systems & Applications Operating Unit has a need for an experienced ISSE to support its SITE III JIOC contract charged with the orchestration, sustainment, and evolution of a portfolio of applications that focus on Collection Management, Intelligence Surveillance and Reconnaissance (ISR) and intelligence operations that directly support intelligence analysts, operations, and collection managers across the Combatant Commands. 

The SITE III JIOC contract is designed to establish and ensure a multi-discipline approach to requirements engineering, solutions engineering, scheduling, reliability, resiliency, services development, integration, test and evaluation, maintainability and analysis across the National apparatus of Defense Intelligence, Combatant Commands, supporting Partner Nations and other Federal Agencies to ensure timely and accurate Joint Intelligence Operations (JIOC) collection, correlation and dissemination.  Our support team applies best practices in architecture design, data science, cloud services, DevSecOps and platform integration to develop, sustain and continually evolve the enterprise business systems environment, systems integration, and back-end business process workflows.

 

Responsible for conducting information system security engineering activities. Develop and implement security designs for new or existing network system(s) and ensure that the design of hardware, operating systems and software applications adequately address cyber security requirements and security controls identified during system categorization and control selection. Verify compliance with required configuration guidance and support testing and validation of security designs for a system in a test environment Assist with the execution of integration testing to ensure safeguards supporting data protections and system connections are functioning as expected and producing desired results.  Continuously monitor security designs for a system in a production environment, ensuring control implementations support and align with the continuous monitoring strategy. Respond to risk based on the results of ongoing monitoring activities, risk assessments, and outstanding items in plans of action and milestones. Assist with the provisioning of security metrics.

 

The successful candidate will perform the following:

• Support the ISSO with Log Review/Analysis using SIEM tools (Splunk, etc.) to determine appropriate actions
• Conduct Vulnerability Analysis and Review of ACAS scans
• Assist with analysis and completion of DISA STIGs to ensure STIG-compliant solutions
• Utilize DevOps, SecOps methodologies to analyze and ensure that development requirements effectively integrate security requirements throughout the entire process
• Ensure ConMon requirements are addressed at the system level
• Employ best practices when implementing controls including software engineering methodologies; system and security engineering principles; secure -enhancing design, secure-enhancing architecture, and secure -enhancing coding techniques
• Coordinate security activities with system leads, ISSO’s and program managers
• Determine, design, implement, and evaluate the security requirements and measures of computer systems and networks
• Assess potential risks, mitigation measures, residual risks, and providing recommendations to stakeholders
• Develop and implement technical solutions to address security vulnerabilities
• Conduct risk assessments and provide recommendations for mitigating risks
• Lead the technical aspects of internal security audits and investigations
• Ensure compliance with government regulations and industry standards

 

Qualifications

 

Required Qualifications:

• 10 years of experience that includes supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF, BS degree; 8 years of experience with a masters; an additional 4 years of experience required in lieu of a degree (will consider at Staff level with the appropriate years of experience)
• Experience working with software developers and architects to understand security requirements
• Experience guiding application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
• DISA STIGs and STIG Viewer experience
• Hands-on experience in developing and validating control implementations and test procedures
• Knowledge of current security risks and protocols
• DoD Approved 8570 IA Technical (IAT)/IA Management (IAM) Level 2 Certification (e.g., Security+)
• RMF, Xacta experience
• Active TS clearance adjudication with the ability to obtain SCI and polygraph
• Willing to work 100% onsite in a secure environment 

Desired Qualifications:

• Experience working with AWS/Google cloud-hosted information systems or applications
• Experience working with Redhat or CentOS Linux operating systems
• Experience working in a DevSecOps environment and tool chain
• Creating and using security tools and processes for scanning, testing, monitoring, and reporting
• Experience in planning and overseeing configuration changes for major applications across multiple networks
• Good analytic and problem-solving skills

Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$146,000 - $234,000. This represents the typical salary range for this position based on experience and other factors.