Information Assurance and Security, Advisor
Responsibilities
Peraton is seeking an Information Assurance Security Engineer to join our team of qualified, and diverse individuals
The Governance, Risk and Compliance (GRC) Team is responsible for ensuring compliance to company policies and procedures, client requirements and local, state, and federal law. The GRC Engineer must also assist in the discovery of acceptable vendors for the client and internal Peraton business owners and identify and manage the risks imposed by internal and external entities, products, and services and the identification, analysis, treatment and ongoing monitoring of risks imposed by these entities using industry accepted frameworks.
The ideal candidate has a strong working knowledge of Information Technology and background in information security risk management, information security standards and compliance requirements, and security GRC frameworks. They are a motivated self-starter that is capable of ensuring successful security involvement in IT projects from kick-off to closing in alignment with Secure by Design principles.
Work location: This position can be worked remotely
Day to Day Work Responsibilities:
- Provide expertise to the client and internal Peraton teams in the best security practices during the vendor on-boarding process.
- Determine product/services that meet the needs of the client and NIST 800-53 standards.
- Identify, analyze, treat, and monitor risk imposed by third-party and internal systems being on-boarded.
- Improve the security posture of the company and the client by documenting and managing existing risks as needed.
- Update and maintain GRC policies and procedures in a timely manner.
- Ensure compliance to local, state, and federal requirements applicable by policy/contractual or legality.
Qualifications
Basic Qualifications:
- Bachelor's degree and 8 years or a HS diploma/equivalent and 12 years experience
- U.S. Citizenship required
- 7 years of experience working in information security architecture, information security governance, risk and compliance, information security threat and vulnerability management, and/or identity governance and administration; OR Equivalent work experience and cybersecurity certifications such as CISSP, CISM, etc.
- Drive, aptitude, and attitude to handle complex or unique situations with strong analytical, critical thinking, and problem-solving skills.
- Strong interpersonal skills and effective written and verbal communication skills.
- Proven knowledge of multiple regulatory requirements and compliance frameworks (NIST, HIPAA, FTI, CJIS).
- Excellent understanding of information security principles, risk assessment methodologies, and security controls.
Preferred Qualifications:
- Experience with GRC tools and platforms is a plus.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.