Sr Information Security Engineer

About PeratonPeraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we're keeping people around the world safe and secure.About The Role**Position is Contingent Upon Award**Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation's vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration.Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulation. As a Sr Information Security Engineer working alongside a state of the art 24-hour Cybersecurity Operations Center (CSOC), you will be responsible for leading the assessment, validation, and remediation of security controls across the organization. This role ensures that security risks are identified, prioritized, and effectively mitigated in alignment with regulatory requirements, security frameworks, and organizational risk tolerance.Primary Responsibilities:The Sr Information Security Engineer will be responsible to:Lead security control assessments across systems, applications, and infrastructureEvaluate the effectiveness of technical, administrative, and operational security controlsIdentify control gaps, weaknesses, and residual riskDevelop, track, and manage remediation plans in coordination with system ownersPrioritize remediation efforts based on risk, impact, and business contextValidate remediation actions and confirm control effectiveness post-fixMaintain risk registers, control assessment documentation, and remediation evidenceSupport internal and external audits, assessments, and regulatory inquiriesCommunicate risk posture, trends, and remediation status to leadershipWork with stakeholders to continuously improve assessment and remediation processes and methodologiesStay current on emerging threats and incorporate lessons learned into recommendations to policies, procedures, and cybersecurity systems and network modificationsPrepare reports and brief CSOC Manager, infrastructure stakeholders and corporate management on requestsAdditional Responsibilities:Contribute to the development and periodic review of security policies, standards, and control proceduresProvide advisory support to system owners and project teams during system design or major changesParticipate in tabletop exercises, risk workshops, and threat modeling sessions as a controls SMESupport onboarding and training of staff on control assessment and remediation processesAssist with defining control metrics, KPIs, and maturity indicatorsReview and provide input on third-party risk assessments and vendor security reviewsSupport merger, acquisition, organizational role changes or system onboarding activities from a risk and controls perspectiveTrack emerging threats, regulatory changes, and framework updates to inform assessment strategyMentor junior risk analysts or assessment team membersSupport executive reporting and briefings on risk trends and remediation progressQualificationsRequired:U.S. Citizenship RequiredMust have the ability to obtain / maintain a DOE L Level or DOE Secret clearanceDegree in computer science, engineering, cybersecurity, information technology, risk management or related fieldMinimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.DExperience in cybersecurity compliance, analyst, governance, or risk management rolesUnderstanding of industry cybersecurity standards such as FISMA, NIST 800 series, ISO 27001 and regulatory compliance requirementsExperience with vulnerability assessment, enterprise risk assessments, and remediation workflowsAbility to analyze scan results and control findings to determine true risk to the organizationExperience creating and managing POA&Ms or remediation plansFamiliarity with patch management and configuration remediation processesAbility to lead cross-functional remediation efforts without direct authorityExperience coordinating with engineering, IT, security, and compliance teamsStrong project management and prioritization skillsStrong analytical and problem-solving skills Desired:Hold technical and/or cybersecurity certification such as CISSP, GIAC GSEC, GIAC GCIH, CISA SSCP, CompTIA Security+A master's degree in computer science, engineering, cybersecurity, information technology, or related fieldDetailsTarget Salary Range: $135,000 - $216,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.Application Statements: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. By applying to this job, you are expressing interest in the role and the Company. During the review of your application, you may be required to participate in an on-camera interview, as well as participate in a process to verify your identity.EEO:Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.