Peraton
Information Systems Security Officer (ISSO)
Peraton, Washington, District of Columbia, us, 20022
Responsibilities
Be part of our exciting team supporting a robust, world-wide communications network, providing office automation packages; document and information management tools; and collaboration, voice, and video tools in a secure, flexible, distributed architecture supporting a classified DoD IT system deployed worldwide. Peraton is seeking an
Information Systems Security Officer (ISSO)
to collaborate on Cyber related design efforts, provide security engineering of RMF B0E artifacts of a large-scale enterprise Information Technology (IT) program. Responsibilities include: Provide Cyber Security expertise for all assigned engineering tasks and Cyber projects. Provide guidance describing the system and its functions, information types, operating environments, and security requirements. Review the adequacy of the security controls and their ability to protect the information system and its information; assist in tailoring security controls, as appropriate. Assist in determining the assurance measures that can be used to meet assurance requirements. Integrate into all Scrum and project teams to provide RMF security related support. Work collaboratively with Systems, Network, and other engineers throughout the service design lifecycle to design and implement security controls and best practices such as Zero Trust Architecture, including engineering of assigned RMF BoE documentation. Conduct Assessment and Accreditation (A&A) activities, following security processes and coordinating with the Designated Authorizing Official (DAO) representatives and appropriate security teams. Create and update assigned RMF documentation and artifacts for each service, as required. Provide technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Design, develop, and implement security requirements within an organization’s business processes. Prepare documentation from information obtained from customers using accepted guidelines. Prepare security test and evaluation plans. Provide certification and accreditation support in the development of security and contingency plans and conduct complex risk and vulnerability assessments. Analyze policies and procedures against Federal laws and regulations and provide recommendations for closing gaps. Recommend system enhancements to improve security deficiencies. Develop, test, and integrate computer and network security tools. Secure system configurations and install security tools, scan systems to determine compliance and report results, and evaluate products and various aspects of system administration. Conduct security program audits and develop solutions to lessen identified risks. Provide information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Assist in computer incident investigations. Perform vulnerability assessments including development of risk mitigation strategies. Qualifications
Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D. 4 years of additional work experience may be considered in lieu of a Bachelor's degree. TS/SCI level clearance is required. Proven ISSO expertise across a large-scale enterprise Information Technology (IT) program. Familiar with RMF and DoDAF 2.0 processes and standards. Familiar with Scrum methodologies. IAM Level I certification required. Proven experience performing security engineering across enterprise systems and networks. Proven experience performing Systems Security tasks including: Security Information and Event Monitoring (Splunk); Endpoint security (HBSS); password and credential management (CyberArk); Compliance and vulnerability scanning (ACAS / Nessus); and Code Scanning (Fortify). Proven experience performing Network Security for Firewalls, Intrusion Detection Systems (IDS)/ Intrusion Prevention Systems (IPS). Proven experience with Cisco products (Cisco Security Manager, Cisco FireSight Management Center, Cisco Firewall Service Modules (FWSM), Cisco IPS/IDS modules, Cisco Firepower IDS/IPS, Advance Malware Protection (AMP) services, Cisco Identity Services Engine (ISE) services, etc.
#J-18808-Ljbffr
Be part of our exciting team supporting a robust, world-wide communications network, providing office automation packages; document and information management tools; and collaboration, voice, and video tools in a secure, flexible, distributed architecture supporting a classified DoD IT system deployed worldwide. Peraton is seeking an
Information Systems Security Officer (ISSO)
to collaborate on Cyber related design efforts, provide security engineering of RMF B0E artifacts of a large-scale enterprise Information Technology (IT) program. Responsibilities include: Provide Cyber Security expertise for all assigned engineering tasks and Cyber projects. Provide guidance describing the system and its functions, information types, operating environments, and security requirements. Review the adequacy of the security controls and their ability to protect the information system and its information; assist in tailoring security controls, as appropriate. Assist in determining the assurance measures that can be used to meet assurance requirements. Integrate into all Scrum and project teams to provide RMF security related support. Work collaboratively with Systems, Network, and other engineers throughout the service design lifecycle to design and implement security controls and best practices such as Zero Trust Architecture, including engineering of assigned RMF BoE documentation. Conduct Assessment and Accreditation (A&A) activities, following security processes and coordinating with the Designated Authorizing Official (DAO) representatives and appropriate security teams. Create and update assigned RMF documentation and artifacts for each service, as required. Provide technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Design, develop, and implement security requirements within an organization’s business processes. Prepare documentation from information obtained from customers using accepted guidelines. Prepare security test and evaluation plans. Provide certification and accreditation support in the development of security and contingency plans and conduct complex risk and vulnerability assessments. Analyze policies and procedures against Federal laws and regulations and provide recommendations for closing gaps. Recommend system enhancements to improve security deficiencies. Develop, test, and integrate computer and network security tools. Secure system configurations and install security tools, scan systems to determine compliance and report results, and evaluate products and various aspects of system administration. Conduct security program audits and develop solutions to lessen identified risks. Provide information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Assist in computer incident investigations. Perform vulnerability assessments including development of risk mitigation strategies. Qualifications
Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D. 4 years of additional work experience may be considered in lieu of a Bachelor's degree. TS/SCI level clearance is required. Proven ISSO expertise across a large-scale enterprise Information Technology (IT) program. Familiar with RMF and DoDAF 2.0 processes and standards. Familiar with Scrum methodologies. IAM Level I certification required. Proven experience performing security engineering across enterprise systems and networks. Proven experience performing Systems Security tasks including: Security Information and Event Monitoring (Splunk); Endpoint security (HBSS); password and credential management (CyberArk); Compliance and vulnerability scanning (ACAS / Nessus); and Code Scanning (Fortify). Proven experience performing Network Security for Firewalls, Intrusion Detection Systems (IDS)/ Intrusion Prevention Systems (IPS). Proven experience with Cisco products (Cisco Security Manager, Cisco FireSight Management Center, Cisco Firewall Service Modules (FWSM), Cisco IPS/IDS modules, Cisco Firepower IDS/IPS, Advance Malware Protection (AMP) services, Cisco Identity Services Engine (ISE) services, etc.
#J-18808-Ljbffr