AWS Cybersecurity, Information System Security Officer (ISSO)

United States

Peraton

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly...


Responsibilities

The AWS Security Engineer, Information System Security Officer (ISSO) is part of Peraton’s DHS Security team and plays a cybersecurity operational compliance role within the Citizen Security and Public Services Sector (CS&PSS). The ideal candidate will become part of Peraton’s Department of Homeland Security (DHS) Datacenter Consolidation and Cloud Optimization (DCCO) program, providing ISSO support to the DHS Homeland Advanced Recognition Technology (HART) biometric system. The position is responsible for performing as a named ISSO for a Government System and assisting other ISSOs with end-to-end Governance, Risk and Compliance (GRC) functions that entail security control implementation, continuous monitoring, and federal Assessment and Authorization (A&A) activities.

 

Candidates must meet the basic requirements to qualify. Only applicants who fulfill the minimum qualifications will be considered.

 

Day to Day Work Responsibilities: 

 

  • Works closely under the supervision of the Cybersecurity Manager and with other security personnel within Peraton’s CS&PSS Sector to ensure operational security measures are implemented.
  • Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.  
  • Reviews and continuously monitors implemented security controls.  
  • Creates and maintains security checklists, templates, and other tools to aid in the A&A process.  
  • Performs security control assessment using Agency guidelines/NIST guidance and as per continuous monitoring requirements. 
  • Performs risk analyses to determine and recommend essential safeguards.
  • Proactively mitigates system vulnerabilities and recommends compensating controls. 
  • Contributes vulnerability information to the development of core documents such as the System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
  • Maintains client-specific vulnerability-based Plan of Action and Milestones and supports remediation activities. 
  • Maintains an inventory of hardware and software for the information system. 

 

In a typical engagement, the ISSO operates as a trusted advisor in the organization, working with senior management and focusing specifically on the security environment in relation to client business objectives. The ISSO helps to understand operational issues and plans the next steps in collaboration with the Cybersecurity Manager from an information security viewpoint. The person in this position will be able to demonstrate industry expertise and a thorough understanding of the security governance, vulnerability assessment, risk and compliance domains. This position requires the ability to interact and influence at an organizational level to carry out governance, risk and compliance activities.

Qualifications

Basic Qualifications:

  • Bachelor’s degree and 5 years of experience or a HS Diploma and 9 years of experience.
  • Minimum of 5 years of hands-on experience as an ISSO or in IT security.
  • U.S. citizenship and the ability to obtain/maintain a U.S. government agency level clearance (the DHS EOD, which you must have prior to starting).
  • Must have excellent written and verbal communication skills.
  • Hands-on experience with cloud platforms, particularly AWS
  • Knowledge of cloud security controls, risk management, and implementation in a federal or highly regulated environment
  • Strong knowledge of NIST frameworks (NIST 800-53, NIST 800-37), FISMA, and FedRAMP compliance
  • Experience implementing NIST, FISMA, and FedRAMP frameworks in cloud environments
  • Experience conducting security control assessments and developing security authorization packages
  • Experience with continuous monitoring for federal systems
  • Experience performing risk assessments and managing security incidents
  • Experience developing Incident Response Plans and tracking remediation efforts
  • Proficiency in developing and maintaining security documentation, including SSPs, SOPs, Contingency Plans, and POA&Ms
  • Experience managing security Certification and Accreditation activities utilizing common control frameworks
  • Experience with risk mitigation and selecting or designing security controls
  • Experience applying cloud security concepts, design, implementation, and integration for technology solutions
  • Experience overseeing compliance programs in Microsoft Azure, AWS, PCI DSS, and FedRAMP environments
  • Experience with Tenable, Palo Alto, or other cloud-based infrastructure vulnerability scanning platforms
  • Experience coordinating, monitoring, and tracking security activities across multiple organizations
  • Experience managing cloud security posture and working with engineering teams on remediation efforts
  • Ability to communicate overall risk posture and identify areas for security improvement
  • Understanding and experience with DevSecOps principles
  • Demonstrated understanding and experience with DevSecOps. 

Preferred Qualifications:

  • Experience working with Federal Information Processing Standards (FIPS), FISMA, FedRAMP and other cybersecurity-related laws, regulations and directives
  • Experience presenting at client meetings
  • Experience translating contractual security requirements to deliverables
  • CISSP or CISM; at least one Cloud Security Certification: AWS Security Professional; CCSP; MS Azure Security Certification; CCSK, CISA, CRISC, GSEC, CompTIA Sec+

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.

Tags: AWS Azure CCSK CCSP CISA CISM CISSP Clearance Cloud Compliance CRISC DevSecOps FedRAMP FISMA Governance Government agency GSEC Incident response Monitoring NIST NIST 800-53 NIST Frameworks PCI DSS POA&M Risk assessment Risk management System Security Plan Vulnerabilities

Region: North America
Country: United States
