Today
Secret
Unspecified
Unspecified
IT - Security
Fort Lee, VA (On-Site/Office)
About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Program Overview
About The Role
The Information Assurance and Security Advisor will provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
What you'll do:
Qualifications
Basic Qualifications:
SCA / Union / Intern Rate or Range
Details
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position based on experience and other factors.
EEO:Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Program Overview
About The Role
The Information Assurance and Security Advisor will provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
What you'll do:
- Assist in maintaining the existing System Security Plan (SSP), internal testing against the SSP, support for DeCA sponsored Security Testing & Accreditation (ST&E); development of the plan of Actions & Milestones (POAMs) and assistance with any submission to the DeCA accrediting official for issuance of the Authority To Operate (ATO).
- Assist with weekly reviews, documentation, and resolve all findings identified in vulnerability assessments and security compliance reviews, IAW DoDI 8531.01, DeCAM 35-31.01 and published USCYBERCOM directives for enterprise infrastructure
- .Assist with ensuring audit logs meet the current audit requirements (Figure 1 of DeCAM 35-31.01).
- Assist in maintaining audit logs and record findings per DeCAM 31-31.01.
- Report anomalies identified during audit log reviews or alert notifications to the NCR IA Manager and/or DeCA's incident response team, as appropriate, and address identified anomalies and alert notifications per the guidance and reporting timelines defined by DeCAM 35-31.01 and DeCA Incident Response procedures.
- Assist with enforcement of security policies and safeguards on all personnel having access to the information system for which NCR is responsible. Recommend the suspension of network access for users not complying with security policies of the system to the SISO/CISO..
- Assist with developing procedures for and conduct periodic security reviews to enforce service account and DB password strengths.
- Assist with Cybersecurity personnel reviews regarding DEBOSS responsibilities and accounts twice per year IAW DeCAM 35-31.0.
- Assist with conducting periodic benchmark scans to test products for STIG compliance and apply new STIGs IAW timelines and guidance in DeCAM 35-31.01.
- Identify, analyze, and remediate applicable OS/DB STIG severity Category I, II or III finding (STIG Viewer) that occurs in systems or software IAW DeCAM 35-31.01.
- Document and update deviations from STIGs or other hardening guides as new vulnerability issues are identified.
- Assist with submitting evidence for security control and continuous monitoring compliance that impact ATO, vulnerability remediation activities, to include POA&Ms and security patching.
Qualifications
Basic Qualifications:
- Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
- Must have an active CISSP certification
- Must have an Secret Clearance
- U.S citizenship is required
- Abiltiy to assist with hardening DEBOSS systems and software per DISA STIGs.
- Must be able to perform vulnerability assessments including development of risk mitigation strategies.
- Must be able to provide assistance in computer incident investigations.
- Ability to recommend system enhancements to improve security deficiencies.
- This is a remote position but must reside close for possible in office days in Fort Lee, VA.
SCA / Union / Intern Rate or Range
Details
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position based on experience and other factors.
EEO:Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
group id: 91005870
