Senior Information Systems Engineer Security Clearance

Position: Senior Information Systems Engineer with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview About

The Role Peraton is seeking a Senior Information Systems Engineer (Endpoint Security & C&A) to provide advanced security engineering, endpoint device management, certification/accreditation (C&A), and federal vulnerability reporting support. The position will be in support of the Information Technology Service Desk and Engineering Support program for a Contract at U. S. Department of Health and Human Services. The Information Systems Engineer will play a critical role in designing, testing, and implementing endpoint and network security solutions, ensuring compliance with NIST, FISMA, FedRAMP, CISA Binding Operational Directives (BODs), and HHS OIG standards.

This position requires hands-on expertise in endpoint engineering, vulnerability reporting, security architecture, and certification/accreditation processes, with an emphasis on presenting security findings and remediation strategies to management. What you'll do:
Security Engineering
* Support Government-furnished security services assets plus systems, including refreshes and upgrades. Deliver monthly status reports.

* Engineer security solutions for hardware, software, and services to protect networks from unauthorized devices, users, and malicious code.

* Provide security engineering support in compliance with federal and HHS security mandates, including NIST SP 800-53, NIST SP 800-207 (Zero Trust), DISA STIGs, FedRAMP, and FIPS standards.

* Conduct security reviews of network configurations, firewall rules, and endpoint solutions, providing recommendations for continuous improvements.

* Safeguard Personally Identifiable Information (PII) in compliance with NIST SP 800-122.

* Provide real-time or near real-time log forwarding to SIEM systems and support audit requirements.

Vulnerability & Compliance Reporting
* Monitor and assess CVE and Known Exploited Vulnerability (KEV) catalogs published by CISA.

* Develop, document, and deliver reports on CVE/KEV findings, remediation timelines, and risk ratings.

* Track and report compliance with CISA Binding Operational Directives (BODs), including mandated remediation deadlines.

* Prepare executive summaries and technical reports on vulnerability management activities for leadership.

* Present vulnerability, risk, and remediation findings to management and stakeholders in a clear, actionable manner.

Endpoint Engineering & Certification/Accreditation
* Provide engineering support for endpoint devices (desktops, laptops, thin clients, tablets, mobile phones, and wearables).

* Develop technical plans for endpoint engineering, covering design, scheduling, resources, and monitoring.

* Conduct endpoint integration and security testing to ensure compliance with defined requirements and HHS-OIG policies.

* Develop and maintain endpoint-related SOPs, requirements documentation, and acceptance criteria.

* Perform regular technical reviews with Government staff and present recommendations to improve efficiency and cybersecurity concerns.

* Assist with System Security Plans (SSPs), Contingency Plans, POA&Ms, and Penetration Test Reports.

* Mitigate high-risk vulnerabilities within 30 days and moderate-risk vulnerabilities within 90 days.

* Collaborate with HHS OIG and internal technical teams regarding incidents, escalations and reporting.
Qualifications

Required Qualifications:

* Associates degree and 7 years, Bachelors degree and 5 years or Masters degree and 3 years or High School diploma and 9 years of experience.

* Must have experience in IT security engineering, endpoint security, vulnerability management, and C&A processes.

* Degree in Information Systems, Computer Science, Engineering, or related field (or equivalent practical experience).

* Strong knowledge of federal IT security frameworks, including:

* NIST SP 800 series (800-53, 800-122, 800-157, 800-207, etc.)

* FIPS 140-2 and FIPS 201-2

* FedRAMP standards

* FISMA requirements

* CISA Binding Operational Directives (BODs) and KEV reporting requirements

* Hands-on experience with vulnerability assessment, CVE/KEV reporting, and remediation tracking.

* Experience preparing and presenting security findings and compliance reports to executive management.

* Expertise in endpoint…