Remote Information System Security Officer (ISSO)

Responsibilities

Peraton is seeking an Information System Security Officer (ISSO) to join our team of qualified, diverse individuals. The ideal candidate will be part of the Peraton Security Team and play a Cybersecurity operational compliance role within the Data Center and Cloud Optimization (DCCO) program. This individual will be able to demonstrate industry expertise of security governance, risk and compliance domain in AWS GovCloud.

This is a 100% Remote position.

If you enjoy learning about new technologies and applying them to provide cutting-edge services to customers, Peraton is the place for you. With a strong focus on biometric security and the science of fingerprint, face, and iris recognition, we develop state-of-the-art technologies that preserve freedom and advance human discovery. Our pioneering and inventive spirit has placed us at the forefront of numerous technological advancements. We continue to innovate, with our employees not only being part of history but also actively making it.

Day to Day Work Responsibilities:

• Responsible for performing one or more Government Information Systems and assisting with end-to-end Governance Risk and Compliance (GRC) functions.
• Ensure information systems are following National Institute of Standards and Technology (NIST), Federal Information Security Management Act (FISMA), and Department of Homeland Security (DHS) requirements.
• Develop project and task schedules, track and report metrics, and to identify and communicate potential risks and/or impediments to project success.
• Manage and maintain System Security Plans (SSP) in accordance with NIST Special Publication 800-53 and DHS 4300a requirements in the DHS instance of CSAM (Cyber Security Assessment and Management Application).
• Develop core SSP documentation such as: Configuration Management Plans; Contingency and Disaster Recovery Plans; Incident Response Plans; relevant system Standard Operating Procedures; and Plan of Actions and Milestones (POA&M).
• Prepare SSPs for Security Authorization and High Value Asset assessments.
• Maintain system artifacts for evidence-based proof that SSP security controls are implemented, documented, operating as intended, and producing the desired results.
• Maintain hardware, software, ports, protocols, and services inventories.
• Manage and update the SSPs of responsibility to reflect the security impacts of system changes based upon activities and projects resulting from the Change Management process and procedures.
• Identify potential POA&Ms, open, track remediation efforts, and support fact-based efforts to close system POA&Ms with the consent of the ISSO/ISSM.
• Oversee SSP compliance in an Amazon Web Service (AWS) GovCloud, a FedRAMP environment.
• Manage the security posture of cloud environment through the use cloud native security tools, and non-native Security Event …