Information Assurance Security Engineer

Peraton is seeking an experienced Information Assurance Engineer to support the Transportation Security Administration (TSA) IMPACT II Program. In this mission-critical role, you will lead and execute key security engineering activities across TSA systems to ensure compliance with federal information assurance (IA) requirements, including FISMA, DHS ISVMs, and the NIST Risk Management Framework (RMF). Your focus will be on proactive cybersecurity operations, vulnerability management, and continuous authorization support.

This is a high-impact position that requires expert knowledge of cybersecurity architecture, federal compliance frameworks, and hands-on support for system risk assessments and remediation planning.

Day to Day Work Responsibilities:

• Lead the implementation and evaluation of IA controls for TSA systems in accordance with DHS and NIST RMF standards.
• Support TSA’s system security program by proactively managing Infrastructure systems security risks, vulnerabilities, & compliance with security configurations, guidance, & policies.
• Conduct security architecture assessments, vulnerability scans, and compliance reviews.
• Support DHS ISVM (Information Security Vulnerability Management) initiatives through scanning, patching, and remediation reporting.
• Provide A&A support, including security documentation (SSP, POA&M, SAR), plan of action development, and control validation.
• Deliver monthly FISMA scorecard inputs and compliance metrics for enterprise and system-level reporting.
• Coordinate with ISSOs, engineering teams, and federal stakeholders to align on system security goals.
• Advise TSA program leadership on emerging risks, security posture improvements, and audit readiness.
• Perform risk and impact assessments and deliver tailored mitigation strategies.
• Review and interpret cybersecurity guidance from DHS, OMB, and TSA for technical applicability.
• Participate in internal and external audits, readiness reviews, and cybersecurity inspections.
• Perform vulnerability management (e.g., scanning, patching) & DHS ISVM compliance, remediation, & reporting.
• Support TSA FISMA system ISSOs in all processes and activities for Security Authorization (SA) and Ongoing Authorization (OA) of TSA systems and
• Contractor subsystems in accordance with FISMA and OMB requirements.
• Provide IA support in the development, implementation, and evaluation of information systems under purview.
• Develops, tests and integrates computer and network security tools.
• Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
• Conducts security program audits and develops solutions to lessen identified risks. 
• Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.

#TSAImpact

Basic Qualifications:

• Bachelor’s degree and 5 years’ experience or Masters degree and 3 years’ experience or Associate’s degree and 7 years’ experience or HS diploma/equivalent and 9 years experience.  
• U.S. Citizenship required; Must have the ability to obtain / maintain a DHS Entrance on Duty (EOD) clearance.
• Knowledge of NIST 800-53, NIST 800-37, FISMA, FedRAMP, and cybersecurity directives.
• Demonstrated experience with RMF lifecycle execution, including ATO/ATO renewal support.
• Proficient in vulnerability management tools such as Tenable/Nessus, Qualys, or similar.
• Familiarity with security platforms like ServiceNow, Splunk, SCCM, and endpoint protection tools.
• Vulnerability management (e.g., scanning, patching) experience.
• Strong documentation skills and experience authoring security artifacts.

Preferred Qualifications:

• Experience supporting TSA, DHS, or other federal civilian agencies.
• Industry certifications: CISSP, CISM, CISA, Security+, CAP, or equivalent.
• Experience with cloud security, FedRAMP, and hybrid environments.
• Ability to advise senior stakeholders and translate policy into actionable technical direction.
• Working knowledge of audit readiness, ISCM processes, and FISMA reporting platforms.