RMF Engineer - ISSM(Information Systems Security Manager)

Responsibilities

Peraton is hiring an RMF Engineer/ISSM (Information Systems Security Manager) in Colorado Springs, Colorado.

 

This Engineer will provide Risk Management Framework (RMF) in support the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.

 

The candidate selected for this position:

• Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
• Assure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready status
• Manage continious Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 85001, DoDI 85002, DoDI 851001, DoD 857001-M, and NIST SP800-53.
• Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
• Refine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections change
• Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
• Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
• Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met

Qualifications

What you'll need:

• Education:  Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD, or 12 years of experience with Information Assurance/Cybersecurity in lieu of a degree
• Certifications:  IAM Level III certification required per DoD 8570, current CISSP, CISM, or GSLC certification
• Must have 8 years of IT security experience and 2 years of experience as a primary ISSO or security compliance lead for an IT system
• Clearance:  active TS/SCI clearance
• Guide working groups and teams for Milestone Reviews, Configuration Management, etc
• Prepare/conduct cybersecurity presentations and make cybersecurity risk recommendations
• Provide status updates to System Owners and leadership
• Provide monthly status report to reflect the activities accomplished, issues, and path forward

Desired:

• Security Information and Event Management (SIEM) Experience
• Ability to work in a team focused, dynamic environment
• Cross Domain Solutions Certification Experience
• Must be flexible, independent, and self-motivated
• Must be punctual with regular and consistent attendance

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.