Peraton Overview
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.
Responsibilities
Peraton is seeking a motivated professional to join our team as a Security Director to support a major multi-year GSA program. Put your years of experience into a future of excellence and become part of Peraton’s team to support the GSA’s mission to provide end-to-end managed capabilities for all things needed to manage Government-wide travel. The mission’s overall focus is to provide value to our customers by providing the right services at the right time.
Primary Responsibilities
- Serve as the primary Security POC for the program.
- Work with federal stakeholders to develop and implement a strategy for advancing security operational compliance activities as part of a security framework aligned with the program’s vision.
- Provide management and coordination of security delivery for ongoing base operations as well as any investment initiatives that require security SME.
- Work closely with the Program Director (and other stakeholders as needed) to plan and prioritize operational compliance activities such as ATO recertifications and Assessment and Authorization (A&A) deliverables, ensuring necessary security controls are in place and operating as intended to protect confidentiality, integrity, and availability against internal and external risks.
- Design, develop, and recommend integrated security system solutions that will ensure proprietary and confidential data and systems are protected.
- Provide technical engineering services for the support of integrated security systems and solutions. Interface with clients in the strategic design process to translate security and business requirements into technical designs. Configure and validate secure complex systems, and test security products and systems to detect security weaknesses.
- Day-to-day security operations of the Contractor information systems and information technology resources needed to fulfill this contract including: infrastructure, facility, training, service delivery, QAS, workforce management systems, problem escalation and resolution, and performance monitoring systems in accordance with GSA IT Security policies.
- Understand FIPS, FISMA, FedRAMP, and other cybersecurity-related federal laws, regulations, and directives to develop strategies for supporting the account.
- Ensure delivery excellence in cyber security operations (avoiding non-performance / non-compliance contractual penalties).
- Ability to communicate the Zero Trust strategy to senior leaders in government agencies and product teams related to identity- and data-centric security concepts
- Able to effectively manage relationships with multiple 3rd party services
- Maintain a security plan for the program
- Manage and report security incidents; ensure audit preparation, facilitation, and remediation
- Manage security risk and exceptions to standards
- Ensure knowledge and implementation of security fundamentals, policies and standards (regulatory and contractual)
- Coordinate delivery of Security Metrics and Reporting in support of contractual commitment
- Ability to work effectively in diverse, multi-national and virtual environments
- Strong analytical skills; self-motivated and tenacious, demonstrating sound judgment and integrity
- Ability to influence Delivery personnel in the execution of security and compliance requirements
- Excellent and effective communication skills
Qualifications
Minimum Qualifications:
- BS with 16-18 years of experience, MS with 14+ years of experience, or a Ph.D. with 10+ years of experience in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)
- 10+ years of experience in managing complex regulatory and audit programs, focusing on secured cloud capabilities, to include FedRAMP and ATO frameworks, procedures, and processes
- CISSP certification
- Experience with NIST and FISMA requirements and reporting
- Experience with NIST RMF requirements, processes, procedures, risk mitigation, and selecting or designing appropriate security controls for implementation
- Experience in managing Security C&A processes (in particular NIST SP 800-53) and exposure to audit and compliance programs.
Preferred Qualifications
- Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings
- Experience in coordinating, monitoring, and tracking security activities across multiple organizations
- Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and FedRAMP cloud environments
- Experience translating contractual security requirements into deliverables.
- Demonstrated understanding of and experience with DevSecOps & Agile methodology
Target Salary Range
$176,000 - $282,000. This represents the typical salary range for this position based on experience and other factors.
EEO
An Equal Opportunity Employer including Disability/Veteran.