RMF Lead

About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities

Peraton is currently seeking to hire an experienced RMF Lead in support of the Army Department of Defense Information Network (DoDIN-A) Cybersecurity and Network Operations Mission Support (ADCNOMS) program located at Fort Huachuca, AZ.

Candidate must reside within a 90-mile radius of Ft. Huachuca, AZ, with the ability to come on-site as required. Will follow the same telework arrangements as their NETCOM Government counterparts.

In this role, you will:

• Be responsible for ensuring compliance with current and emerging RMF requirements for all capabilities and services in support of the ADCOMS program.

• Manage and maintain valid, current eMASS records
• Utilize the RMF Knowledge Service, policy and guidance
• Develop System Security Plans
• Apply relevant control baselines
• Update/maintain software and hardware list
• Update/maintain RMF records (hardware, software, scans, etc.)
• Update/maintain required documentation (PPS/Firewall)
• Ensure security scans are completed
• STIG management (review, addressed, implementation)
• POA&Ms (creation, tracking, updating, remediation)
• System documentation (create, review, edit, upload)
• Security Reviews (accomplish, document, review)
• ATO support (verification, creation, submition, etc.)
• Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
• Assure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready status
• Manage continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 85001, DoDI 85002, DoDI 851001, DoD 857001-M, and NIST SP800-53.
• Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
• Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
• Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
• Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met

Qualifications

Required:

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Bachelor's degree from an accredited college or university in Computer Science, Engineering, or related discipline.
• Minimum of 8 years of experience, in Cybersecurity position.
• Minimum of 8 years' IT security experience and 4 years of experience as a primary ISSO or security compliance lead for an IT system
• Experience guiding working groups and teams for Milestone Reviews, Configuration Management, etc
• Experience preparing/conducting cybersecurity presentations and making cybersecurity risk recommendations
• Experience providing status updates to System Owners and leadership
• Experience providing monthly status report to reflect the activities accomplished, issues, and path forward
• Demonstrated strong attention to detail and organizational skills. Excellent communications skills.
• Strong analytical and problemsolving skills.
• Demonstrated experience with ITSM tools (e.g., ServiceNow, Remedy)
• Ability to travel as required (CONUS/OCONUS)
• DoD 8140 Cybersecurity Foundation Qualification (Certified Information Systems Security Professional (CISSP) or Federal IT Security Professional-Designer-NG (FITSP-D) or GIAC Cloud Security Automation (GCSA) or GIAC Security Essentials Certification (GSEC) or Information Systems Security Engineering Professional (ISSEP)
• Requires ITILv4 Foundation Certification
• U.S. citizenship required.
• Active SECRET Security clearance
• Ability to obtain a higher security clearance if required (TOP Secret/SCI).

Desired:

• Master's degree in Cybersecurity, Information Technology, Computer Science or related discipline
• Security Information and Event Management (SIEM) Experience
• Cross Domain Solutions Certification Experience
• Experience as a primary ISSO or security compliance lead for an IT system
• Experience supporting a DoD Army customer

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position based on experience and other factors.

SCA / Union / Intern Rate or Range

EEO

An Equal Opportunity Employer including Disability/Veteran.

Our Values

Benefits

At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.

• Paid Time-Off and Holidays
• Retirement
• Life & Disability Insurance
• Career Development
• Tuition Assistance and Student Loan Financing
• Paid Parental Leave
• Additional Benefits
• Medical, Dental, & Vision Care