Information Security Manager /Chief Security Architect

Peraton is hiring an Information Security Manager /Chief Security Architect that will serve as the principal advisor on all cybersecurity matters, technical and otherwise, involving the security of infrastructure supporting delivery of enterprise information technology services to a state agency.

This position is remote.

Day to Day Roles and Responsibilities:

• Ensuring all aspects of the project remain in compliance with all applicable security standards and requirements.
• Ensures the implementation of the Risk Management Framework (RMF), through the required government policy, make recommendations on process tailoring, participate in and document process activities.
• Will deliver information security support and design recommendations adhering to customer security policies and compliance mandates while fulfilling customer requirements.
• Will perform periodic assessments of systems and networks within the networking environment and/or enclave and will identify where those systems and networks deviate from acceptable configurations, enclave policy, and compliance requirements.
• Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Document the results of Assessment and Authorization (A&A) activities and technical or coordination activity and prepare the System Security Plans and update the Plan of Actions and Milestones (POA&M).
• Provide oversight and guidance of information security personnel performing system analysis looking for patterns of non-compliance; ensure appropriate administrative or programmatic actions which minimize security risks and insider threats.
• Provide oversight and guidance ensuring systems are properly configured, optimized, and tested ensuring all policy and technical standards are met.
• Manage all cybersecurity related processes and procedures in the documentation of access control lists on routers, firewalls, CE, printing devices, and other network devices.
• Assess the performance of cybersecurity security controls within the environment.
• Perform control validation and remediation validation of network servers, routers, and switches to ensure they comply with security policy, procedures, and technical requirements.
• Evaluate potential cybersecurity security risk and take appropriate corrective and recovery action utilizing various tasking mechanisms such as Service Now

Basic Qualifications:

• Bachelors degree and 8 years of experience or a Masters degree and 6 years of experience or a High School diploma and 12 years of experience.
• Must be a U.S. Citizen.
• 2+ years’ experience with Risk Management Framework (RMF)
• 5 years of experience with FISMA, NIST, and state or federal information system requirements.
• Advanced written and verbal communication skills to effectively communicate security concepts and policies
• Certifications(must have 1 of the following):
  • Security+
  • CISSP
  • CISA, or equivalent certifications (DoD 8570 IAM Level 2 equivalent).