AddressResponsibilities
Provides technical and programmatic information assurance services to internal and external customers in support of network and Information Security systems. Designs, develops, and implements security requirements within an organization’s business processes. Prepares documentation from information obtained from customer using accepted guidelines. Prepares security test and evaluation plans. Provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps. Recommends system enhancements to improve security deficiencies. Develops, tests, and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies.
Key Responsibilities:
- Participate in governance boards, such as the ARB, ERB, TRB, Change Control Board (CCB), and provide and advise on best practices for managing the lifecycle of system changes with minimal disruption to enterprise IT services.
- Develop and grow existing and new team members to foster collaboration, career development, and a culture of ownership and accountability.
- Lead all security-related activities on the program.
- Create and maintain documentation in the O&M manual and SOPs for all security- related hardware and software.
- Develop and maintain security Work Plan across all SecOps task areas.
- Administer, configure and manage security-related tools, sensors, and devices to include maintaining the latest malware device signature.
- Update tools signatures to detect the latest cyber threats.
- Establish device security settings and configurations in accordance with enterprise security guidance. This includes access control, audit, and network configuration settings.
- Collect, aggregate, and review Intrusion Detection System/Intrusion Prevention System (IDS)/IPS) data from network sensors, including raw data from collection agents, firewalls, proxy servers, Data Loss Prevention (DLP), antivirus, vulnerability scanner elements and other security-relevant devices centralized in the Security Incident Event Management (SIEM) system.
- Ensure all systems and network configurations are meeting USAID secure configuration baselines and document any deviations according to the Security Assessment and Authorization (SA&A) process.
- Support ISSO for continuous monitoring and SA&A activities.
- Support 1/3 controls testing annually.
- Provision of Elevated Privilege access rights for all Agency applications.
*Contingent on Contract Award*
Qualifications
Basic Qualification:
- U.S. Citizen
- An active SECRET or the ability to obtain a SECRET Clearance.
- Bachelor’s degree with 10 years, master’s degree with 8 years; four (4) years of experience can be substituted in lieu of a bachelor’s degree.
- Must hold a Certified Information Systems Security Professional (CISSP) certification.
- Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs.
- Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.
- Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints.
- Experience performing Security Control Assessments in accordance with NIST 800 guide series.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
