Peraton is hiring an RMF Engineer/ISSM (Information Systems Security Manager) in Colorado Springs, Colorado.

This Engineer will provide Risk Management Framework (RMF) in support the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.

The candidate selected for this position:

• Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
• Assure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready status
• Manage continious Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 85001, DoDI 85002, DoDI 851001, DoD 857001-M, and NIST SP800-53.
• Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
• Refine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections change
• Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
• Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
• Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met

What you'll need:

• Education:  Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD, or 12 years of experience with Information Assurance/Cybersecurity in lieu of a degree
• Certifications:  IAM Level III certification required per DoD 8570, current CISSP, CISM, or GSLC certification
• Must have 8 years of IT security experience and 2 years of experience as a primary ISSO or security compliance lead for an IT system
• Clearance:  active TS/SCI clearance
• Guide working groups and teams for Milestone Reviews, Configuration Management, etc
• Prepare/conduct cybersecurity presentations and make cybersecurity risk recommendations
• Provide status updates to System Owners and leadership
• Provide monthly status report to reflect the activities accomplished, issues, and path forward

Desired:

• Security Information and Event Management (SIEM) Experience
• Ability to work in a team focused, dynamic environment
• Cross Domain Solutions Certification Experience
• Must be flexible, independent, and self-motivated
• Must be punctual with regular and consistent attendance