Ciso- Faa Bnatcs

The Chief Information Security Officer (CISO) for the FAA BNATC contract provides strategic leadership and direction for all cybersecurity compliance and risk activities supporting FAA mission systems and enterprise services. This role oversees the development implementation and continuous improvement of information security policies vulnerability management processes and GRC functions to ensure alignment with FAA DOT NIST and federal cybersecurity mandates.

The CISO serves as the primary cybersecurity advisor to program leadership ensuring secure operations for critical systems supporting the National Airspace System (NAS) and related FAA infrastructure.

Key Responsibilities:

Strategic Leadership & Program Oversight

• Lead cybersecurity strategy governance and risk management across the FAA BNATC program.
• Serve as principal advisor to FAA leadership regarding cybersecurity posture threats and compliance requirements.
• Develop and maintain the programs Information Security Management Framework in alignment with FAA AMS FAA Order 1370.121 NIST RMF and DOT security directives.

Vulnerability & Threat Management

• Direct the Vulnerability Management Program including scanning assessment prioritization reporting and remediation tracking.
• Ensure timely remediation of vulnerabilities in accordance with FAA Service Level Agreements (SLAs) and federal guidance (e.g. BOD 22-01).
• Oversee penetration testing continuous monitoring initiatives and threat modeling activities.
• Coordinate rapid response to emergent threats zero-days and security incidents.

Governance Risk & Compliance (GRC)

• Establish maintain and enforce cybersecurity policies standards and procedures tailored to FAA environments.
• Manage risk assessments POA&M activities security control implementation and monitoring in compliance with NIST SP 800-53 and FAA ISSO guidance.
• Ensure full lifecycle support for ATO packages and security authorizations.
• Lead audits internal assessments and compliance reviews including FAA ISCP FISMA reporting and continuous monitoring deliverables.

Security Architecture & Engineering Oversight

• Provide guidance on secure system design change management and architecture decisions within the NAS and mission-support environments.
• Ensure all new systems upgrades and cloud/on-premise deployments meet FAA cybersecurity requirements.

Stakeholder Engagement & Reporting

• Interface with FAA security offices program managers contractors and engineering teams to ensure alignment on cybersecurity priorities.
• Produce executive-level reports risk dashboards and briefings for FAA stakeholders.
• Represent cybersecurity interests during technical reviews governance boards and acquisition processes.

Team Leadership

• Lead mentor and develop security analysts ISSOs vulnerability engineers and GRC specialists.
• Foster a culture of continuous improvement transparency and compliance across the BNATC team.

Required Qualifications

• Bachelors degree in Cybersecurity Information Systems Engineering or related field (Masters preferred).
• 16 years of cybersecurity leadership experience including management of GRC and vulnerability programs.
• Deep knowledge of FAA and federal cybersecurity frameworks including:
• NIST RMF / NIST SP 800-53
• FAA AMS Security & Privacy guidance
• FISMA / OMB A-130
• DOT cybersecurity policies
• Experience managing large-scale cybersecurity programs supporting federal agencies.
• Strong understanding of cloud security enterprise networks and mission-critical systems.
• Exceptional communication and executive briefings skills.
• US Citizenship.
• Must have the ability to obtain / maintain a Public Trust clearance.

Preferred Qualifications

• CISSP CISM or CISA
• CRISC CGRC (formerly CAP) or similar GRC certifications
• PMP or program management certification
• FAA background or aviation/critical infrastructure cyber experience highly desirable

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.