Sr Information Systems Security Engineer; ISSE - TS​/SCI w​/poly

Required

• Bachelor’s degree and 8 years of experience in secure design, analysis, and test of information security systems and products.
• Minimum of 8 years of experience applying methods, standards and approaches for ensuring the baseline security safeguards are appropriately implemented and documented.
• Minimum of 8 years of experience creating and updating security test plans for detecting and mitigating risk to information systems.
• Certification:
  • Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH)
• U.S. citizenship required.
• Active TS/SCI security clearance with the abilty to obtain a polygraph

• Cloud certification preferred

Peraton is seeking an Information Systems Security Engineer to support our Federal Strategic Cyber programs.

Location:

Huntsville AL

In this role, you will:

• Lead, mentor, and supervise a team of contractor security professionals responsible for the end-to-end implementation of the RMF lifecycle for FBI IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Advise on the selection, tailoring, and documentation of security controls aligned with system categorizations, Bureau risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application life cycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.