×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Information Technology Security, Advisor

Job in Herndon, Fairfax County, Virginia, 22070, USA
Listing for: Peraton
Full Time position
Listed on 2026-06-22
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly USD 125000.00 150000.00 YEAR
Job Description & How to Apply Below

Job Summary

Peraton is seeking an Information System Security Officer (ISSO) to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will oversee all activities related to system security authorization, compliance, and continuous monitoring for a complex federal environment. The ISSO will play a critical role in ensuring secure, compliant, and resilient systems across both legacy integrations and modern cloud‑based platforms, while supporting major cybersecurity initiatives and mission‑critical efforts at the Centers for Medicare & Medicaid Services (CMS).

Responsibilities

Information System Security Officer (ISSO) responsibilities shall include, but are not limited to:

  • Serving as the ISSO for the Program and ensuring full compliance with FISMA Moderate
    , FedRAMP Moderate
    , and CMS ARS 5.1 security control baselines.
  • Overseeing the full lifecycle of the Authorization to Operate (ATO) process, including preparation, maintenance, and submission of all Security Authorization (SA) and Certification & Accreditation (C&A) documentation.
  • Conducting comprehensive risk and vulnerability assessments
    , tracking remediation activities, and ensuring zero open Critical/High vulnerabilities at go‑live
    .
  • Managing security incidents, ensuring notification within 1 hour
    , and coordinating with stakeholders on mitigation, reporting, and after‑action activities.
  • Developing, maintaining, and updating security policies, procedures, SSPs, SOPs, and other RMF documentation consistent with federal and CMS requirements.
  • Supporting annual and ad hoc federal security assessments, including CSRAP
    , CFO
    , and OMB A123 reviews, and ensuring timely and accurate submission of evidence packages.
  • Managing POA&M entries, validating mitigation strategies, supporting audit responses, and ensuring high‑quality documentation in accordance with CMS and federal guidance.
  • Performing continuous monitoring activities, analyzing security reports (e.g., vulnerability scans, audit logs), and recommending corrective actions.
  • Collaborating closely with engineering, operations, and program management teams to ensure security is embedded into system design, modernization efforts, and integrations with legacy systems.
  • Providing guidance and subject‑matter expertise on NIST 800‑53 controls, FedRAMP requirements, and CMS‑specific security processes to technical and non‑technical stakeholders.
  • Ensuring all system changes follow proper security impact analysis procedures prior to deployment.
  • Supporting contractor, government, and third‑party security assessments and participating in technical discussions related to architecture, compliance, and risk.
Basic Qualifications
  • Bachelor's degree and 8+ years of relevant cybersecurity, information assurance, or system security experience. Or 12 years of relevant experience with a high school diploma.
  • Demonstrated experience serving as an ISSO or similar security lead on federal programs following FISMA
    , NIST RMF
    , and FedRAMP requirements.
  • Hands‑on experience developing, maintaining, and reviewing RMF documentation (SSP, SAR, POA&M, CMP, Incident Response Plan, Contingency Plan, etc.).
  • Experience conducting or supporting risk assessments
    , vulnerability analysis, and security audits.
  • Familiarity with CMS ARS 5.1, CMS ATO processes, and federal cybersecurity reporting requirements.
  • Experience supporting incident response processes, including rapid notification, coordination, and reporting.
  • Strong understanding of vulnerability management tools and processes (e.g., Nessus, Tenable.sc, Qualys).
  • Ability to communicate clearly and effectively with both technical and non‑technical stakeholders.
  • U.S. Citizenship required for federal security requirements.
  • Ability to obtain and maintain a Public Trust clearance.
Preferred Qualifications
  • Relevant certifications such as CISSP
    , CISM
    , Security+,
    CEH
    , or CAP
    .
  • Previous experience supporting CMS
    , federal healthcare programs, or large federal IT modernization efforts.
  • Experience working in hybrid environments involving both legacy systems and cloud environments (AWS/Azure) subject to FedRAMP Moderate controls.
  • Familiarity with continuous…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search