Peraton

Senior Security Engineer

Peraton, Herndon, Virginia, United States, 22070

Senior Security Engineer position in the US (remote with occasional on-site support). The role involves leading secure configuration, continuous monitoring, and compliance engineering efforts, driving baseline hardening, risk assessments, and automation across cloud and on-prem systems, and ensuring adherence to federal mandates and Zero Trust principles. Direct collaboration with FAA customers is expected where applicable.

Responsibilities

Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms
Conduct Continuous Diagnostics and Mitigation (CDM) program activities—vulnerability management, configuration management, identity & access controls, and incident response
Perform risk assessments and manage POA&Ms; oversee Cybersecurity Assessment and Secure Mission (CASM) workflows
Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments
Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services
Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization
Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages
Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions
Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics
Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions
Mentor junior security engineers and coordinate cross-team compliance reviews

Qualifications

Basic Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 5 years of relevant experience in enterprise security engineering and compliance; or a Master’s Degree with 3 years of relevant experience; or high school diploma/equivalent with 9 years of relevant experience
At least 5 years of experience with Continuous Diagnostics and Mitigation program and its phases
At least 3 years of experience utilizing Zero Trust principles: micro-segmentation, least-privilege access, continuous verification
At least 7 years of experience with the NIST Risk Management Framework (RMF) (SP 800-37/800-53)
Must be a US Citizen

Preferred Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 8 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree with 6 years of relevant experience; or high school diploma/equivalent with 12 years of relevant experience
Experience supporting FAA systems
Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model
Knowledge of FISMA requirements and annual reporting processes
Experience with the following Tools and Technologies:
Cloud & Database Platforms: MS SQL Server (2019/2022), AWS GovCloud, Azure compliance baselines, AWS RDS, Power Platform & M365 Baselines, SharePoint 2019, Tomcat 9/10
Identity & Access Management: Okta, CyberArk EPM & Privileged Access Management, ClearPass, Active Directory
Endpoint & Network Security: Tanium, Zscaler, Cisco IOS XE
Configuration Management & Compliance Baselines: Belarc, DISA STIG Tools, SCAP, CDM & CSAM tools, POA&M tracking systems, Secure Configuration dashboards
Monitoring & Reporting: Power BI, DLP / Information Protection solutions, Risk assessment workflows
Collaboration & Documentation: Jira, Enterprise Wiki / KSN portals, Runbook documentation
Experience applying FedRAMP controls for cloud service providers and managing authorization packages
Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms
Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. As a leading mission capability integrator and transformative IT provider, we deliver trusted solutions to protect our nation and allies. Peraton supports critical national security work across all domains and serves essential government agencies and the U.S. armed forces. Visit peraton.com to learn more.

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
