Information Systems Security Manager

Responsibilities

Peraton Labs is seeking an Information Systems Security Manager in support of Strategic Innovation Group's information assurance and information technology operations. This is a full-time on-site position working out of either Basking Ridge or Red Bank, New Jersey office with occasional travel to our other facilities in Maryland and New Hampshire.

Responsibilities include but not limit to:

• Manage classified and unclassified information systems running flavors of Linux and Microsoft operating systems; perform monthly system patches outside of the normal business hours

• Apply security controls based on the DoD Security Technical Implementation Guidance

• Build, install, maintain, effectively troubleshoot, and make enhancement to information systems, IT services, and network devices-- include operating system, hardware, firmware and software application

• Perform regular data backup; recommend and implement enhancement to data backup solutions

• Perform a Weekly audit (review of logs) for each accredited information system.

• Identify root-causes of operational issues and process inefficiencies

• Manage security vulnerabilities; implement remediation timely; monitor security logs for violations and anomalous events; report information security concerns and problems when necessary;

• Provide support to Information System Security Manager (ISSM) for the ISSM Roles and Responsibilities as laid out in DAAPM 2.2, JSIG Rev 4, ICD-503, and other applicable documentation.

• Prepare, deliver and update all required documentation using the current approved templates, forms, regulations, and methods.

• Work closely with the key stakeholders to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.

• Assist in incident response and annual self-inspection and inventory efforts.

• Track the deployment of software to the environment.

• Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control, manage all applicable POA&Ms throughout the information system lifecycle. Proper documentation shall be filed and updated as required.

• Provide, track, and report security requirements throughout the system life cycle of all information systems that are within the accreditation boundary.

• Provide timely and detailed responses to all user requests.

• Continuously maintain a thorough understanding of all relevant corporate policies, security control plans as well as system configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each Information System.

• Maintain required certifications for this role.

Qualifications

Required Qualifications/Skills:

• Minimum 8 years with BS/BA, 6 years with MS/MA, 3 years with PhD

• Degree in a technical discipline such as computer science, cybersecurity, or information technology

• Additional relevant experience will be considered in lieu of formal education

• Security+ CE or equivalent certification (DoD 8570 IAT 2) with ability to obtain IAT 3 certification within 12 months of employment

• 3+ years of solid Linux system administration working experience with specific focus on Ubuntu and RedHat distributions

• Experience with Linux shell scripting include writing new scripts and troubleshoot existing codes

• Have in-depth knowledge of TCP/IP and networking concepts; have solid understanding of the well-known services including DHCP, DNS, SSH, TLS, IPSec, etc.

• 5+ years experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, working with System Owners (SO)

• Experience with Compliance Check and Security Technical Implementation Guidance

• Work well with team members, good written and verbal communication skills

• Active TS clearance with ability to obtain SCI

Desired Skills/Qualifications

• Experience with Ongoing Authorizations

• Experience with eMASS

• Experience with ACAS, Nessus, and/or other vulnerability scanners

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range

$112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.