Information Assurance and Security Specialist

Peraton•Herndon, VA

About The Position

Ready to make an impact! Peraton has an exciting opportunity for a cleared Information Assurance Specialist join our dynamic multi-disciplinary team, developing a next generation satellite terminal on a mission critical Space and Intelligence Program. Responsibilities of the position: The Information Assurance Specialist will be responsible for the following but not limited to: Monitors, analyzes, and detects cyber events and incidents within information systems and networks under general supervision. Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, attacks, or leaks. Perform patch management and vulnerability remediation for IT assets, ensuring compliance with security benchmarks (DISA STIGs, CIS Benchmarks, SCAP). Ensures that IS and cyber security plans, controls, processes, standards, policies, and procedures are aligned with IS standards and overall IS and cyber security. Support the implementation of Zero Trust Architecture (ZTA) and Identity & Access Management (IAM) controls. Conduct security reviews for third-party applications and vendors to mitigate supply chain risks. Communicates frequently with customer IA team regarding any asset changes, determine impact of any upcoming policy changes, and flow down information about other evolving IA requirements Assist in securing cloud-based environments (AWS, Azure, Google Cloud) through security controls like CASB, CSPM, and cloud encryption. Work with engineering and operations teams to review and update procedures and SOPs to produce positive cybersecurity outcomes

Requirements

Bachelor’s degree and five years of experience
Four (4+) years of experience with NIST 800-53 security controls and Risk Management Framework (RMF) process with a U.S. Government agency.
Two (2+) years of experience with vulnerability management for networks, operating systems, and software.
Familiarity with Cyber security tools such as Splunk, HBSS, Nessus Security Center, etc. Capable of designing user-focused dashboards and reports.
Current Security+ or similar DoD 8570 IAT certification
Must possess an active, current Top Secret/sensitive Compartmented Information (TS/SCI) and the ability to pass a polygraph

Responsibilities

Monitors, analyzes, and detects cyber events and incidents within information systems and networks under general supervision.
Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, attacks, or leaks.
Perform patch management and vulnerability remediation for IT assets, ensuring compliance with security benchmarks (DISA STIGs, CIS Benchmarks, SCAP).
Ensures that IS and cyber security plans, controls, processes, standards, policies, and procedures are aligned with IS standards and overall IS and cyber security.
Support the implementation of Zero Trust Architecture (ZTA) and Identity & Access Management (IAM) controls.
Conduct security reviews for third-party applications and vendors to mitigate supply chain risks.
Communicates frequently with customer IA team regarding any asset changes, determine impact of any upcoming policy changes, and flow down information about other evolving IA requirements
Assist in securing cloud-based environments (AWS, Azure, Google Cloud) through security controls like CASB, CSPM, and cloud encryption.
Work with engineering and operations teams to review and update procedures and SOPs to produce positive cybersecurity outcomes

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume