Information Systems Security Officer (ISSO)

Peraton has an opening for a Information Systems Security Officer (ISSO)with a proven track record of DevSecOps success to include a combination of technical skills communication skills and cybersecurity skills. The successful candidate will be responsible for ensuring the implementation and maintenance of security controls in accordance with RMF v5 managing ATO packages drafting security documentation including Operating Procedures Cybersecurity Strategy (CSS) System Security Plans (SSP) ATO packages as well as System Security and Privacy Plan (SSPP) in accordance with DoD policies Department of Airforce (DAF) regulations and DC3 guidance.

The candidate must have expert knowledge and demonstrated experience with cybersecurity technologies risk management and incident response procedures as well as have a solid working understanding of computer functions including hardware software and operating systems. This includes knowledge of Windows Unix and Linux operating systems along with other applications such as databases web servers networking technologies including routing switching and VPNs. Its a bonus if the candidate has experience with cloud computing platforms such as AWS and Azure.

The ISSO must be able to work autonomously manage their workload effectively shift priorities with little to no loss of productivity and communicate effectively with technical and non-technical personnel.

Required Qualifications:

• Well-versed in best practices for cyber security program standards processes and procedures compliance industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems AFPD 17-1 and AFI 17-130 Cybersecurity Program Management.
• Ability writing security policies and procedures CSS SSP SSPP and assess all ATO package artifacts.
• Expert knowledge of Risk Management Framework (RMF) v5 (Processes workflow etc.).
• Ability to use eMASS to execute RMF v5 to include document / update system status identify document and manage implementation of operational and technical security controls implementation and risk assessment tabs non-compliant and non-validated controls POAM management (entry evidence close-out) produce report and track Plan of Action and Milestone (POA&M) due dates etc.
• The ability to complete a checklist to ensure Security Authorization Process documents are complete and comply with all guidance.
• Ability to work collaboratively with IT counterparts communicate effectively (skilled in communicating complex technical information to non-technical audience) and coordinate STIG remediation with system administrators and developers.
• Ability to conduct risk assessments monitor security Incidents and respond appropriately to Security Threats.
• Working understanding of network technology (includes knowledge of network protocols TCP/IP) operating systems as well as the necessary security protocols system details (Architecture data flow security cat requirements configuration management process/procedures and user profile) firewalls rules and configurations intrusion detection tools and prevention systems encryption techniques Windows Unix and Linux) operating systems along with other applications such as databases and web servers.
• Ability to execute tasks with little to no oversight or support as well as manage multiple and at times competing priorities without loss of productivity.
• Active Top Secret clearance with SCI eligibility.
• Bachelors degree and 8 years of experience; OR Masters Degree and 6 years of experience; OR 3 years with PhD. Bachelors degree must be in one of the following fields:
  • Information Technology
  • Cybersecurity
  • Computer Science
  • Information Systems
  • Data Science
  • Software Engineering
• Required Certification (one or more of the following):
  • Cloud
  • GSEC
  • FITSP-O
  • GCIA
  • GCFA
  • GDSA
  • GICSP
  • Security
  • GCED
  • GFACT
  • GISF
  • PenTest
  • CBROPS
  • CFR
  • CySA

Desired Qualifications:

• Experience transitioning from RMF v4 to v5.
• Basic understanding of identity and access management system capabilities and configuration.
• Experience with cloud computing platforms such as AWS and Azure.
• Experience with TASKORDS OPORDS etc.
• Experience leading Cybersecurity (ISSO & ISSE) teams.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.