Senior Information System Security Officer (ISSO)

Job in College Park, Prince George's County, Maryland, 20741, USA
Listing for: Peraton
Full Time position
Listed on 2025-12-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 135000 - 216000 USD Yearly
Job Description & How to Apply Below
Position: Senior Information System Security Officer (ISSO)

Responsibilities

Peraton Labs is seeking a poly-cleared Senior Information System Security Officer for a mission-critical, highly complex HPC environment enabling research across multiple security domains. You will own day-to-day security operations aligned to RMF, drive continuous monitoring, maintain ATO posture, and partner closely with subcontractor and customer personnel.

This position requires full-time on-site work in Laurel, or a customer site near College Park, MD.

Key responsibilities may include

  • Lead or co-lead ATO/reauthorization efforts for complex boundary systems
  • Mentor junior ISSOs and shape security operations playbooks
  • Perform risk analysis and author formal recommendations to leadership
  • Drive security engineering outcomes by partnering with internal teams on scalable compliance patterns
  • Brief senior internal and customer stakeholders on security posture, systemic risk trends, remediation burn-down, and authorization readiness
  • Act as the Senior ISSO supporting the system security lifecycle across development, operations, and modernization
  • Execute and maintain RMF activities (e.g., control implementation oversight, evidence collection, assessment support, POA&M management, continuous monitoring)
  • Maintain security authorization artifacts (e.g., SSP, control narratives, diagrams, inheritance/leverage controls, CM plan, incident handling plan, contingency artifacts, user/admin procedures)
  • Operate continuous monitoring: vulnerability management, config compliance, patching coordination, scan result triage, risk acceptance, and remediation verification
  • Review and approve security-relevant changes through configuration/change control and validate security configurations after major upgrades
  • Support incident response and reporting: participate in investigations, coordinate containment actions, preserve evidence, and contribute to post-incident lessons learned
  • Ensure least privilege/access governance: account management oversight, privileged access workflows, periodic access reviews, and audit compliance requirements
  • Translate security requirements into implementation guidance that engineering teams can operationalize (clear, testable, and automatable where possible)

Qualifications

Required qualifications

  • 12+ years of experience and a BS in Computer Science, Cybersecurity, or related technical discipline; an MS and 10+ years of experience; or a PhD and 8+ years of experience. Four years of additional experience is required in lieu of a Bachelor's degree, for a total of 16 years of experience
  • 8+ years of experience in information security/compliance supporting DOD/IC or government systems, including ownership of major RMF deliverables and ATO events for complex systems
  • Demonstrated leadership experience coordinating across security, engineering, and customer stakeholders
  • Ability to provide mentorship and direction to team members
  • Proven ability to write risk decisions and packages that stand up to assessor/AO scrutiny
  • Deep understanding of continuous monitoring at scale (recurring evidence, metrics, audit readiness, remediation governance)
  • Hands-on experience executing RMF tasks and maintaining authorization artifacts (SSP, POA&M, continuous monitoring evidence)
  • Strong working knowledge of NIST SP 800-53 controls and how they map to technical implementations and procedures
  • Experience with vulnerability and configuration compliance workflows
  • Familiarity with Linux-based enterprise environments and common hardening concepts
  • Ability to communicate risk clearly to both technical engineers and non-technical leadership
  • One or more active/current certifications such as: CISSP, CISM, CAP, GSLC, Security+, CCSP, INCOSE, CCNA, RHCE, MCSE, VCP, ITIL, PMP, Agile, etc.
  • This position requires an active/current TS/SCI w/ Polygraph.

Preferred qualifications

  • Experience securing or assessing containerized workflows (e.g., container runtime hardening, image governance, supply chain considerations)
  • Experience with eMASS (or comparable GRC tooling), security control inheritance models, and assessor engagement
  • Familiarity with vulnerability tooling and security monitoring concepts
  • Experience with data protection requirements relevant…
Position Requirements
10+ Years work experience