Information Systems Security Engineer (ISSE)
Responsibilities
The successful candidate will perform the following:
- Support the ISSO with Log Review/Analysis using SIEM tools (Splunk, etc.) to determine appropriate actions.
- Conduct Vulnerability Analysis and Review of ACAS scans.
- Assist with analysis and completion of DISA STIGs to ensure STIG-compliant solutions.
- Utilize DevOps, SecOps methodologies to analyze and ensure that development requirements effectively integrate security requirements throughout the entire process.
- Ensure ConMon requirements are addressed at the system level.
- Coordinate security activities with system leads, ISSO’s and program managers.
- Determine, design, implement, and evaluate the security requirements and measures of computer systems and networks.
- Assess potential risks, mitigation measures, residual risks, and providing recommendations to stakeholders.
- Develop and implement technical solutions to address security vulnerabilities.
- Conduct risk assessments and provide recommendations for mitigating risks.
- Lead the technical aspects of internal security audits and investigations.
- Ensure compliance with government regulations and industry standards.
Qualifications
Required Qualifications:
- Experience working with software developers and architects to understand security requirements.
- Experience guiding application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements.
- DISA STIGs and STIG Viewer experience.
- Hands-on experience in developing and validating control implementations and test procedures.
- Knowledge of current security risks and protocols.
- Certifications: Active IAT Level II certification (CompTIA Security+ preferred).
- Security Clearance: Active Top Secret with SCI eligibility.
- Education: Bachelor’s degree and 8+ years of experience, or Master’s Degree and 6+ years of experience, or 3 years with PhD. A degree in one of the following fields of study is highly desired: Information Technology, Computer Science, Cybersecurity, Information Systems, Software Engineering, or Data Science. However, an additional 4 years of relevant experience or specialized training may be considered in lieu of Bachelor's degree.
Desired Qualifications:
- Certifications: CASP+, CISM, CISSP-ISSAP, CISSP-ISSMP, FITSP-D, GCIA, GCSA, GICSP, GSEC, GDSA, GICSP, GMON, CCSP, CISSO, Cloud+, or CSSLP.
- Experience transitioning from RMF v4 to v5.
- Basic understanding of identity and access management system capabilities and configuration.
- Experience with cloud computing platforms such as AWS and Azure.
- Experience with TASKORDS, OPORDS, etc.
- Experience leading Cybersecurity (ISSO & ISSE) teams.
- Experience working with Redhat or CentOS Linux operating systems.
- Experience working in a DevSecOps.
- Creating and using security tools and processes for scanning, testing, monitoring, and reporting.
- Experience in planning and overseeing configuration changes for major applications across multiple networks.
- Good analytic and problem-solving skills.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.