Be an early applicantLess than 25 applicants

Company

Peraton · 4 hours ago

AWS Security Engineer, Information System Security Officer (ISSO)

United States

Full-time

Remote

Mid, Senior Level

$80K/yr - $128K/yr

5+ years exp

Maximize your interview chances

Information TechnologyRobotics

Actively Hiring

No H1B

U.S. Citizen Only

Insider Connection @Peraton

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Works closely under the supervision of Cybersecurity Manager and with other security personnel within Peraton CS&PSS Sector to ensure operational security measures are implemented.

Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.

Reviews and continuously monitors implemented security controls.

Creates and maintains security checklists, templates, and other tools to aid in the A&A process.

Performs security control assessment using Agency guidelines/NIST guidance and as per continuous monitoring requirements.

Performs risk analyses to determine and recommends essential safeguards.

Proactively mitigates system vulnerabilities and recommends compensating controls.

Prepares security authorization packages in accordance with the client contractual requirements.

Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.

Maintains client-specific Plan of Action and Milestones and supports remediation activities.

Maintains an inventory of hardware and software for the information system.

Develops, tests and trains on Contingency and Incident Response planning.

Experience working with the National Institute of Standards National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) requirements and reporting.

Experience in managing security Certification and Accreditation activities utilizing common control frameworks.

Experience with risk mitigation and selecting or designing appropriate security controls for implementation.

Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings.

Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and FedRamp cloud environments

Experience in coordinating, monitoring and tracking security activities across multiple organizations.

Experience in managing security posture of cloud environment, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement.

Demonstrated understanding and experience with DevSecOps.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

AWSNIST standardsFISMAFedRAMPRisk managementCloud securityDevSecOpsSecurity assessmentsIncident Response PlansCISSPCISMSecurity documentationMicrosoft AzurePCI DSSCCSPCISACRISCGSECComTIA Sec+

Required

High School diploma or equivalent and 5 years of experience.

U.S. citizenship and the ability to obtain/maintain a U.S. government agency level clearance (the DHS EOD, which you must have prior to starting).

Must have excellent written and verbal communication skills.

Hands-on experience with cloud platforms, particularly AWS, with knowledge of cloud security controls, risk management, and implementation in a federal or highly regulated environment.

Strong working knowledge of NIST standards (NIST 800-53, NIST 800-37), FISMA, and FedRAMP compliance requirements, along with experience implementing these frameworks in cloud environments.

Proven experience conducting security control assessments, developing security authorization packages, and handling continuous monitoring responsibilities for federal systems.

Experience in conducting risk assessments, managing incidents, developing Incident Response Plans, and tracking remediation efforts to ensure ongoing compliance.

Proficiency in developing and maintaining essential security documentation, including System Security Plans (SSP), Standard Operating Procedures (SOPs), Contingency Plans, and Plan of Action and Milestones (POA&M) documents.

Preferred

Bachelors degree and 5 years of experience or a Masters degree and 3 years of experience or a High School diploma and 9 years of experience.

Experience of working with Federal Information Processing (FIPS), FISMA, FedRAMP and Other Cyber Security related laws, regulations and directives.

Experience of presenting at client meetings.

Experience of translating contractual security requirements to deliverables.

CISSP or CISM; At least one Cloud Security Certification: AWS Security Professional; CCSP; MS Azure Security Certification; CCSK, CISA, CRISC, GSEC, ComTIA Sec+.