Cloud Security Subject Matter Expert; SME Security Clearance

Position: Cloud Security Subject Matter Expert (SME) with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview Encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support for Bureau of Diplomatic Security, Cyber and Technology Security Directorate in three key offices/functional areas:
Cyber Monitoring and Operations, Cyber Threat and Investigations, and Technology Innovation and Engineering State. About

The Role Peraton is currently seeking an experienced CIRT Cloud Security Subject Matter Expert (SME) to join our Federal Strategic Cyber Program, delivering leading cyber and technology security expertise to enable innovative, effective, and secure business processes.

Location:

Beltsville, MD and Rosslyn, VA.
* The customer requirement requires every employee to be onsite for the first 90 days. After the 90 day period, a hybrid schedule may be offered.

* Need to be able to support a hybrid and flexible work schedule; in the event of significant cyber incident a continuous on-site presence will be required.
This role directly supports the Cyber Incident Response Team (CIRT) as a key member of the Advanced Response and Tactics Team (ARTT). In this role, you will:
* Provide Subject Matter Expert (SME) level Cloud Security support in a 24x7x365 environment.

* Share in-depth knowledge and intelligence gained from cyber security events with stakeholders.

* Protect against potential cyber security incidents by pro-actively identifying steps to remediate threats and vulnerabilities.

* Provide SME level response, technical assistance and expertise for significant cyber incidents, investigations, operational events, and related cyber projects.

* Develop and implement training programs for CIRT Tier 1 and Tier 2 analysts.

* Conduct detailed research to increase awareness and readiness levels of the security operations center.

* Conduct advanced analysis and recommend remediation steps.

* Analyze network events to determine impact.

* Conduct all-source research to determine threat capability and intent.

* Develop and maintain analytical procedures to meet changing requirements.

* Coordinate with cross-functional teams during significant cyber incidents.

* Identify emergent cybersecurity technologies and develop methodologies for their employment.

* Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.

* Identify and determine tactics, techniques, and procedures for intrusion sets.

* Work with stakeholders to resolve computer security incidents and vulnerability compliance.

* Collect and analyze intrusion artifacts (e.g., source code, malware, and system configurations) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

* Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support incident response.

* Publish after-action reports, cyber defense techniques, guidance, and incident reports.

* Review, draft, edit, update and publish cyber incident response plans. Qualifications

Minimum requirements:

* Bachelor's degree and minimum of 14 years of relevant experience; 12 years with Masters.
* To be considered for this position, applicants must either currently hold one of the professional certifications listed below or obtain one prior to their start date. Continued certification is required as a condition of employment.
* CASP+ CE, CCNP Security, CISA, CISSP (or Associate), CISSP-ISSAP, CISSP-ISSEP, GCED, GCIH

* Demonstrated expertise in the Incident Response Lifecycle and how it applies to cloud, legacy and hybrid environments.

* Demonstrated experience with cloud computing technologies to include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Identity as a Service (IDaaS)

* Demonstrated expertise in traditional computing technologies architecture, design and security.

* Demonstrated proficiency in using Endpoint Detection and Response (EDR) platforms (e.g. Microsoft Defender for Endpoint, Elastic Defend, Carbon Black)

* Demonstrated proficiency in using Security Information and Event…