Senior Information Systems Engineer

Peraton is seeking a Senior Information Systems Engineer (Endpoint Security & C&A) to provide advanced security engineering endpoint device management certification/accreditation (C&A) and federal vulnerability reporting support. The position will be in support of the Information Technology Service Desk and Engineering Support program for a Contract at U. S. Department of Health and Human Services.

The Information Systems Engineer will play a critical role in designing testing and implementing endpoint and network security solutions ensuring compliance with NIST FISMA FedRAMP CISA Binding Operational Directives (BODs) and HHS OIG standards. This position requires hands-on expertise in endpoint engineering vulnerability reporting security architecture and certification/accreditation processes with an emphasis on presenting security findings and remediation strategies to management.

What youll do:

Security Engineering

• Support Government-furnished security services assets plus systems including refreshes and upgrades. Deliver monthly status reports.
• Engineer security solutions for hardware software and services to protect networks from unauthorized devices users and malicious code.
• Provide security engineering support in compliance with federal and HHS security mandates including NIST SP 800-53 NIST SP 800-207 (Zero Trust) DISA STIGs FedRAMP and FIPS standards.
• Conduct security reviews of network configurations firewall rules and endpoint solutions providing recommendations for continuous improvements.
• Safeguard Personally Identifiable Information (PII) in compliance with NIST SP 800-122.
• Provide real-time or near real-time log forwarding to SIEM systems and support audit requirements.

Vulnerability & Compliance Reporting

• Monitor and assess CVE and Known Exploited Vulnerability (KEV) catalogs published by CISA.
• Develop document and deliver reports on CVE/KEV findings remediation timelines and risk ratings.
• Track and report compliance with CISA Binding Operational Directives (BODs) including mandated remediation deadlines.
• Prepare executive summaries and technical reports on vulnerability management activities for leadership.
• Present vulnerability risk and remediation findings to management and stakeholders in a clear actionable manner.

Endpoint Engineering & Certification/Accreditation

• Provide engineering support for endpoint devices (desktops laptops thin clients tablets mobile phones and wearables).
• Develop technical plans for endpoint engineering covering design scheduling resources and monitoring.
• Conduct endpoint integration and security testing to ensure compliance with defined requirements and HHS-OIG policies.
• Develop and maintain endpoint-related SOPs requirements documentation and acceptance criteria.
• Perform regular technical reviews with Government staff and present recommendations to improve efficiency and cybersecurity concerns.
• Assist with System Security Plans (SSPs) Contingency Plans POA&Ms and Penetration Test Reports.
• Mitigate high-risk vulnerabilities within 30 days and moderate-risk vulnerabilities within 90 days.
• Collaborate with HHS OIG and internal technical teams regarding incidents escalations and reporting.

Required Qualifications:

• Associates degree and 7 years Bachelors degree and 5 years or Masters degree and 3 years or High School diploma and 9 years of experience.
• Must have experience in IT security engineering endpoint security vulnerability management and C&A processes.
• Degree in Information Systems Computer Science Engineering or related field (or equivalent practical experience).
• Strong knowledge of federal IT security frameworks including:
• NIST SP 800 series (etc.)
• FIPS 140-2 and FIPS 201-2
• FedRAMP standards
• FISMA requirements
• CISA Binding Operational Directives (BODs) and KEV reporting requirements
• Hands-on experience with vulnerability assessment CVE/KEV reporting and remediation tracking.
• Experience preparing and presenting security findings and compliance reports to executive management.
• Expertise in endpoint engineering and SIEM integration.
• Strong documentation and technical writing skills including C&A documentation.
• This role involves direct collaboration with Government staff and requires strict adherence to security and confidentiality protocols.
• Must be able to obtain and maintain a Public Trust clearance.
• Must be a US Citizen.
• Must reside within 50 miles of Washington DC as this is a hybrid role.

Preferred Qualifications:

• Advanced degree in Cybersecurity Engineering or related field.
• Security certifications such as CISSP CISM CISA CEH CompTIA Security or equivalent.
• Experience supporting HHS DHS DoD or other federal agencies in endpoint security and compliance reporting.
• Expertise in Zero Trust Architecture endpoint detection/response and advanced vulnerability management solutions.
• Strong presentation and stakeholder presentation skills.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.