SECURITY Analyst

Security Analyst

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can’t be done, solving the most daunting challenges facing our customers.

Peraton is seeking a Security Analyst to join our team of qualified, diverse individuals. This position is located in Herndon, VA with some remote work possible. The qualified applicant will become part of Peraton's Department of State (DOS) Consular Systems Modernization (CSM) Program, for the Bureau of Consular Affairs (CA). This initiative will modernize and consolidate the operational environment under a common technology framework in order to better support the services provided to CA’s customers.  This role will support the project Security SME in guiding the security direction on the program.

Roles and Responsibilities:

• Ensure compliance with all systems security requirements and updates, providing guidance and instruction as necessary to personnel and development teams
• Ensure Configuration Management (CM) for security-relevant software, hardware, and firmware is documented and maintained 
• Support ATO/certification and accreditation activities ensuring that system security requirements are met 
• Support and track resolving Vulnerability Alerts and Plan of Action and Milestones (POAMs)
• Track status of all system ATOs and recertification efforts
• Work with architecture and development teams to document security control implementation in accordance and compliance with NIST 800-53 rev 4 control requirements
• Work with team to initiate protective and corrective measures when a security incident or vulnerability is discovered
• Maintain relationships with customer security counterparts 

Qualifications

Basic Qualifications: 

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

• Bachelor's degree in a related field and at least 5 years’ experience
• Experience supporting the Accreditation and Certification process and obtaining an Approval To Operate (ATO) in accordance with the U.S Federal Information Systems Risk Management Framework (RMF)
• Experience in the NIST Framework and ISO Standards
• Experience in tracking and resolving Vulnerability Alerts and Plan of Action and Milestones (POAMs)
• Experience with writing security controls implementation statements for systems in development to deliver for evaluation and testing to the RMF4 team in support of ATO per NIST 800-53 rev4 control set
• Experience developing artifacts for the System Security Plan (SSP) 
• Experience working with in Agile/Scrum
• Experience working on multiple concurrent activities such as simultaneous ATOs
• Excellent communication skills, both verbally and in writing to effectively interact with multiple teams both internal and external and client interaction
• Must have a current, Interim Secret (or higher) clearance. Interim clearances are acceptable

Preferred Qualifications: 

Candidates with these desired skills will be given preferential consideration:  

• Experience with security controls and ATO process for cloud based environments including deploying solutions on public/hybrid clouds
• Familiarity with DevSecOps, SDLC, CI/CD pipelines, and related Agile processes
• Familiarity with any of the following: Jenkins, Docker, or other CD integration tools, and Fortify, CaST, or other SAST\DAST testing tools