Job Description
Program Overview
About The Role
Peraton is seeking a senior ‐ level Security Engineer to lead secure configuration, continuous monitoring, and compliance engineering efforts. You’ll drive baseline hardening, risk assessments, and automation across cloud and on-prem systems, ensuring adherence to federal mandates and Zero Trust principles. Prior FAA experience is highly desirable. Direct collaboration with FAA customers is expected. Remote position with occasional local on-site meeting support in the Washington, DC, Oklahoma City, OK, or Egg Harbor Township, NJ area required.
KEY RESPONSIBILITIES: - Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms
- Conduct Continuous Diagnostics and Mitigation (CDM) program activities—vulnerability management, configuration management, identity & access controls, and incident response
- Perform risk assessments and manage POA&Ms; oversee Cybersecurity Assessment and Secure Mission (CASM) workflows
- Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments
- Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services
- Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization
- Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages
- Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions
- Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics
- Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions
- Mentor junior security engineers and coordinate cross-team compliance reviews
Qualifications
Basic Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 5 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 3 years’ relevant experience; or high school diploma/equivalent and 9 years relevant experience
- At least 5 years’ experience with Continuous Diagnostics and Mitigation program and its phases
- At least 3 years’ experience utilizing Zero Trust principles: micro-segmentation, least-privilege access, continuous verification
- At least 7 years’ experience with the NIST Risk Management Framework (RMF) (SP 800-37/800-53)
- Must be a US Citizen
Preferred Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field with at least 8 years of relevant experience in enterprise security engineering and compliance; or Master’s Degree and 6 years’ relevant experience; or high school diploma/equivalent and 12 years relevant experience
- Experience supporting FAA systems
- Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model
- Knowledge of FISMA requirements and annual reporting processes
- Experience with the following Tools and Technologies:
**Cloud & Database Platforms**
MS SQL Server (2019/2022) · AWS GovCloud · Azure compliance baselines · AWS RDS · Power Platform & M365 Baselines · SharePoint 2019 · Tomcat 9/10
**Identity & Access Management**
Okta · CyberArk EPM & Privileged Access Management · ClearPass · Active Directory
**Endpoint & Network Security**
Tanium · Zscaler · Cisco IOS XE
**Configuration Management & Compliance Baselines**
Belarc · DISA STIG Tools · SCAP · CDM & CSAM tools · POA&M tracking systems · Secure Configuration dashboards
**Monitoring & Reporting**
Power BI · DLP / Information Protection solutions · Risk assessment workflows
**Collaboration & Documentation**
- Jira · Enterprise Wiki / KSN portals · Runbook documentation
- Experience applying FedRAMP controls for cloud service providers and managing authorization packages
- Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms
- Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations
SCA / Union / Intern Rate or Range
Details
Target Salary Range: $80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Job Tags
Remote job, Local area,