Information System Security Manager (ISSM)

Peraton is seeking an Information Systems Security Manager in support of Peraton Labs information assurance and information technology operations. This is a full-time on-site position working out of the Basking Ridge New Jersey office with occasional travel to our other facilities in New Jersey New Hampshire and Maryland. This role includes the personnel management of two information assurance individuals.

Responsibilities include but are not limited to:

• Lead and manage information assurance efforts personnel and systems across numerous environments in New Jersey and New Hampshire.
• Perform Information System Security Manager (ISSM) roles and responsibilities as prescribed by the DAAG JSIG ICD-503 and other applicable regulations.
• Create manage and maintain RMF Package documentation submissions and associated artifacts. This will include A&A packages ASA packages SCRs etc.
• Prepare deliver and update all required documentation using the current approved templates forms regulations and methods.
• Meet continuous monitoring requirements for the accredited information systems to include weekly auditing performing of backups AV updates OS patching vulnerability scanning and other prescribed tasks.
• Manage security vulnerabilities implement timely remediation monitor security logs for violations and anomalous events and report information security concerns and problems when necessary.
• Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control manage all applicable POA&Ms throughout the information system lifecycle. Proper documentation shall be filed and updated as required.
• Oversee the management and maintenance of Linux and Microsoft classified information systems with the ability to assist in technical efforts when needed. This may include building systems installing software and/or troubleshooting information systems and network devices.
• Apply security controls based on the DoD Security Technical Implementation Guidance and other customer requirements.
• Work closely with the key stakeholders to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.
• Assist in incident response annual self-inspection and inventory efforts.
• Track the deployment of all applicable software and hardware to classified environments.
• Provide track and report security requirements throughout the system life cycle of all information systems that are within the accreditation boundary.
• Provide timely and detailed responses to user and customer requests.
• Continuously maintain a thorough understanding of all relevant corporate policies security control plans as well as system configurations architecture installed software accounts (both Operating System and Application) data flows ports protocols and other relevant data for each Information System.
• Maintain required certifications for this role.

Required Qualifications:

• Minimum 10 years of experience.
• CISSP or equivalent certification (DoD 8570 IAM Level III).
• Experience with DARPA and DCSA assessments and authorizations.
• 5 years experience with Authority to Operate (ATO) process continuous monitoring POA&Ms Security Authorizations (SA) NIST 800-37 NIST 800-53 Rev4/ Rev5 working with Information System Owners (ISO) and Program Managers (PM).
• Experience with SCAP STIGs and other compliance tools.
• Proven written and verbal communication skills and the ability to work well with team members.
• Active TS clearance with ability to obtain SCI.

Desired Qualifications:

• Degree in a technical discipline such as computer science cybersecurity or information technology
• Experience with Ongoing Authorizations
• Experience with eMASS
• Experience with ACAS Nessus and/or other vulnerability scanners
• 3 years of solid Linux system administration working experience with specific focus on Ubuntu and RedHat distributions.
• Experience with Linux shell scripting include writing new scripts and troubleshoot existing codes.
• In-depth knowledge of TCP/IP and networking concepts and a solid understanding of the well-known services including DHCP DNS SSH TLS IPSec etc.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.