Information Security Engineer

**Position is Contingent Upon Award**

Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nations vital organizations working alongside leaders in cybersecurity engineering operations forensics threat analysis data science and systems integration.

Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks ensure the confidentiality integrity and availability of its systems and operations infrastructure and comply with federal and industry cybersecurity regulation. As a Risk / security controls assessment and remediation manager working alongside a state of the art 24-hour Cybersecurity Operations Center (CSOC) you will be responsible for leading the assessment validation and remediation of security controls across the organization. This role ensures that security risks are identified prioritized and effectively mitigated in alignment with regulatory requirements security frameworks and organizational risk tolerance.

Primary Responsibilities:

The Information Security Engineer will be responsible to:

• Lead security control assessments across systems applications and infrastructure
• Evaluate the effectiveness of technical administrative and operational security controls
• Identify control gaps weaknesses and residual risk
• Develop track and manage remediation plans in coordination with system owners
• Prioritize remediation efforts based on risk impact and business context
• Validate remediation actions and confirm control effectiveness post-fix
• Maintain risk registers control assessment documentation and remediation evidence
• Support internal and external audits assessments and regulatory inquiries
• Communicate risk posture trends and remediation status to leadership
• Work with stakeholders to continuously improve assessment and remediation processes and methodologies
• Stay current on emerging threats and incorporate lessons learned into recommendations to policies procedures and cybersecurity systems and network modifications
• Prepare reports and brief CSOC Manager infrastructure stakeholders and corporate management on requests

Additional Responsibilities:

• Contribute to the development and periodic review of security policies standards and control procedures
• Provide advisory support to system owners and project teams during system design or major changes
• Participate in tabletop exercises risk workshops and threat modeling sessions as a controls SME
• Support onboarding and training of staff on control assessment and remediation processes
• Assist with defining control metrics KPIs and maturity indicators
• Review and provide input on third-party risk assessments and vendor security reviews
• Support merger acquisition organizational role changes or system onboarding activities from a risk and controls perspective
• Track emerging threats regulatory changes and framework updates to inform assessment strategy
• Mentor junior risk analysts or assessment team members
• Support executive reporting and briefings on risk trends and remediation progress

Required:

• U.S. Citizenship Required
• Must have the ability to obtain / maintain a DOE L Level or DOE Secret clearance
• Degree in computer science engineering cybersecurity information technology risk management or related field
• 8 years of experience with BS/BA; 6 years with MS/MA
• Experience in cybersecurity compliance analyst governance or risk management roles
• Understanding of industry cybersecurity standards such as FISMA NIST 800 series ISO 27001 and regulatory compliance requirements
• Experience with vulnerability assessment enterprise risk assessments and remediation workflows
• Ability to analyze scan results and control findings to determine true risk to the organization
• Experience creating and managing POA&Ms or remediation plans
• Familiarity with patch management and configuration remediation processes
• Ability to lead cross-functional remediation efforts without direct authority
• Experience coordinating with engineering IT security and compliance teams
• Strong project management and prioritization skills
• Strong analytical and problem-solving skills

Desired:

• Hold technical and/or cybersecurity certification such as CISSP GIAC GSEC GIAC GCIH CISA SSCP CompTIA Security
• A masters degree in computer science engineering cybersecurity information technology or related field

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.