Peraton is seeking an Information Systems Security Officer (ISSO) in support of our Corporate Information Assurance Team.

Responsibilities:

• Comply with the ISSM/ISSO Roles and Responsibilities aligned to IAM Level II or higher role.
• Maintain the Security Authorization or Assessment and Accreditation (A&A) of their assigned system(s).
• Maintain and track the Security Authorization of their assigned system(s).
• Assist in the delivery of all required documentation using the current customer approved templates, forms, regulations, and methods. These documents include, but are not limited to: SSP, RAR, SAR, Contingency Plan, IR Plan, CM Plan, SOPs, POAMs & Remediation Plans
• Continuously update all Security Authorization documentation as required by the customer and in accordance with applicable Risk Management Framework (RMF) packages.
• Provide updates to IA Leadership and Key Stakeholders and assist in establishing timelines to ensure the successful Security Authorization of a system.
• Maintain all required documentation to maintain their assigned system’s Authority To Operate (ATO) or system go live dates.
• Work closely with the System Owner to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.
• Provide updates to IA Leadership on all proposed change requests on the accredited Information System(s) as they pertain to the potential change to the existing Controls Assessment.
• Provide support on all privileged access requests to information systems.
• Track the deployment of hardware and software to the environment.
• Ensure hardware and software deployed in the environment is audited on a quarterly basis. ISSO shall provide reports to System Owners, IA Management, and to O&M staff tailored with the level of detail or abstraction as appropriate.
• Perform Vulnerability Management and ensure that open issues are addressed and reported in a timely manner.
• Support the Incident Response Team in the remediation, documentation, and reporting of all incidents for the accredited system(s) under ISSO purview.
• Perform a Weekly audit (review of logs) for each accredited information system.
• Participate in project discussions in support of the System Owner and Enterprise objectives.
• Provide track and report security requirements throughout the project life cycle of all projects that are within the accreditation boundary of their assigned system.
• Provide timely and detailed responses to all data calls.
• Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc. for each IT system.
• Continuously maintain a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each IT System.
• Performs other duties as assigned.
• Travel required up to 25%

Required Qualifications:

• Bachelor's degree and 2 years equivalent experience or 6 years applicable professional experience
• Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, working with System Owners (SO)
• Works well with team members
• Security+ or DoD 8570.01-M IAM Level II or higher certification
• System Admin or other technical background
• Active TS/SCI clearance w/ ability to obtain a polygraph

Preferred Qualifications:

• Experience with A&A systems e.g., eMASS and/or XACTA/SNOW
• Experience with vulnerability scanners