Peraton
Basic Qualifications:
Read on to find out what you will need to succeed in this position, including skills, qualifications, and experience. Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 5 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 3 years’ relevant experience; or high school diploma/equivalent and 9 years relevant experience At least 5 years’ experience with Continuous Diagnostics and Mitigation program and its phases At least 3 years’ experience utilizing Zero Trust principles: micro-segmentation, least-privilege access, continuous verification At least 7 years’ experience with the NIST Risk Management Framework (RMF) (SP 800-37/800-53) Must be a US Citizen Preferred Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 8 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 6 years’ relevant experience; or high school diploma/equivalent and 12 years relevant experience Experience supporting FAA systems Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model Knowledge of FISMA requirements and annual reporting processes Experience with the following Tools and Technologies: **Cloud & Database Platforms**MS SQL Server (2019/2022) · AWS GovCloud · Azure compliance baselines · AWS RDS · Power Platform & M365 Baselines · SharePoint 2019 · Tomcat 9/10**Identity & Access Management**Okta · CyberArk EPM & Privileged Access Management · ClearPass · Active Directory**Endpoint & Network Security**Tanium · Zscaler · Cisco IOS XE**Configuration Management & Compliance Baselines**Belarc · DISA STIG Tools · SCAP · CDM & CSAM tools · POA&M tracking systems · Secure Configuration dashboards**Monitoring & Reporting**Power BI · DLP / Information Protection solutions · Risk assessment workflows**Collaboration & Documentation** Jira · Enterprise Wiki / KSN portals · Runbook documentation Experience applying FedRAMP controls for cloud service providers and managing authorization packages Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations Peraton is seeking a senior‐level Security Engineer to lead secure configuration, continuous monitoring, and compliance engineering efforts. You’ll drive baseline hardening, risk assessments, and automation across cloud and on-prem systems, ensuring adherence to federal mandates and Zero Trust principles. Prior FAA experience is highly desirable. Direct collaboration with FAA customers is expected. Remote position with occasional local on-site meeting support in the Washington, DC, Oklahoma City, OK, or Egg Harbor Township, NJ area required. KEY RESPONSIBILITIES: Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms Conduct Continuous Diagnostics and Mitigation (CDM) program activities—vulnerability management, configuration management, identity & access controls, and incident response Perform risk assessments and manage POA&Ms; oversee Cybersecurity Assessment and Secure Mission (CASM) workflows Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions Mentor junior security engineers and coordinate cross-team compliance reviews
#J-18808-Ljbffr
Read on to find out what you will need to succeed in this position, including skills, qualifications, and experience. Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 5 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 3 years’ relevant experience; or high school diploma/equivalent and 9 years relevant experience At least 5 years’ experience with Continuous Diagnostics and Mitigation program and its phases At least 3 years’ experience utilizing Zero Trust principles: micro-segmentation, least-privilege access, continuous verification At least 7 years’ experience with the NIST Risk Management Framework (RMF) (SP 800-37/800-53) Must be a US Citizen Preferred Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 8 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 6 years’ relevant experience; or high school diploma/equivalent and 12 years relevant experience Experience supporting FAA systems Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model Knowledge of FISMA requirements and annual reporting processes Experience with the following Tools and Technologies: **Cloud & Database Platforms**MS SQL Server (2019/2022) · AWS GovCloud · Azure compliance baselines · AWS RDS · Power Platform & M365 Baselines · SharePoint 2019 · Tomcat 9/10**Identity & Access Management**Okta · CyberArk EPM & Privileged Access Management · ClearPass · Active Directory**Endpoint & Network Security**Tanium · Zscaler · Cisco IOS XE**Configuration Management & Compliance Baselines**Belarc · DISA STIG Tools · SCAP · CDM & CSAM tools · POA&M tracking systems · Secure Configuration dashboards**Monitoring & Reporting**Power BI · DLP / Information Protection solutions · Risk assessment workflows**Collaboration & Documentation** Jira · Enterprise Wiki / KSN portals · Runbook documentation Experience applying FedRAMP controls for cloud service providers and managing authorization packages Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations Peraton is seeking a senior‐level Security Engineer to lead secure configuration, continuous monitoring, and compliance engineering efforts. You’ll drive baseline hardening, risk assessments, and automation across cloud and on-prem systems, ensuring adherence to federal mandates and Zero Trust principles. Prior FAA experience is highly desirable. Direct collaboration with FAA customers is expected. Remote position with occasional local on-site meeting support in the Washington, DC, Oklahoma City, OK, or Egg Harbor Township, NJ area required. KEY RESPONSIBILITIES: Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms Conduct Continuous Diagnostics and Mitigation (CDM) program activities—vulnerability management, configuration management, identity & access controls, and incident response Perform risk assessments and manage POA&Ms; oversee Cybersecurity Assessment and Secure Mission (CASM) workflows Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions Mentor junior security engineers and coordinate cross-team compliance reviews
#J-18808-Ljbffr