Information Assurance and Security, Lead Associate

Peraton Inc
Arlington, United States of America
14 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 138K

Job location

Arlington, United States of America

Tech stack

Agile Methodologies
Health Informatics
CompTIA Security+
Scrum
Security Information and Event Management
Data Streaming
Systems Architecture
Systems Integration
Software Vulnerability Management
Security Orchestration, Automation & Response
Plan of Action and Milestones
Vulnerability Analysis

Job description

Peraton is seeking a Lead Security Analyst to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will lead security analysis, compliance oversight, and risk management efforts across a complex, mission critical environment. This role plays a pivotal part in ensuring secure and compliant solutions, guiding vulnerability management activities, and supporting major modernization efforts for the Centers for Medicare & Medicaid Services (CMS). The Lead Security Analyst will help shape and maintain a robust security posture, ensuring that all program capabilities adhere to CMS and Federal security standards.

Lead Security Analyst's responsibilities shall include, but are not limited to:

  • Leading all security analysis, compliance, and oversight activities for the Program.
  • Conducting comprehensive security assessments, including evaluation of system architecture, data flows, interfaces, and inherited controls.
  • Developing, maintaining, and enforcing program-wide security policies, procedures, and documentation consistent with Federal and CMS security requirements.
  • Managing the program's vulnerability assessment program, including vulnerability scanning, analysis, reporting, and coordination of remediation activities.
  • Leading the development of risk mitigation strategies and providing recommendations to address findings from scans, assessments, POA&Ms, and audits.
  • Preparing and supporting all security audits, reviews, and checkpoints, including CMS security assessments, FISMA reviews, and relevant ATO activities.
  • Ensuring security requirements are integrated into Agile development workflows, providing direct guidance to Scrum teams, architects, and developers.
  • Reviewing technical designs, user stories, and system enhancements for security impacts and compliance alignment.
  • Monitoring regulatory and CMS security updates to ensure program compliance remains current and accurate.
  • Collaborating with cross functional stakeholders including engineering, operations, compliance, and program leadership to ensure secure-by-design solution delivery.
  • Developing and delivering security awareness and compliance training tailored to the Program needs.
  • Maintaining accurate and up-to-date security documentation, dashboards, and metrics reporting for program leadership.

Requirements

  • 5 years with BS/BA; 3 years with MS/MA
  • Demonstrated experience leading security analysis, compliance, and risk management activities for large-scale Federal programs.
  • Strong understanding of Federal information security standards and frameworks such as FISMA, NIST SP 80053, NIST RMF, and CMS ARS.
  • Hands-on experience conducting or managing vulnerability assessments, security scanning, POA&M lifecycle management, and risk mitigation planning.
  • Experience preparing for and supporting Federal security audits, assessments, and ATO activities.
  • Ability to review system designs, data flows, and architecture diagrams for security considerations and compliance alignment.
  • Experience working directly with Agile teams and integrating security requirements into Agile SDLC processes.
  • Excellent written and verbal communication skills, with the ability to communicate with both technical and nontechnical stakeholders.
  • US. Citizenship required.
  • Must have the ability to obtain and maintain a Public Trust clearance.
  • Must reside near or be able to work in alignment with the program's hybrid work expectations., * Experience supporting CMS programs, including familiarity with CMS ARS, ATO processes, and CMS governance expectations.
  • Relevant security certifications such as CISSP, CISM, Security+, CEH, or equivalent.
  • Experience with vulnerability management platforms, SIEM tools, and security automation technologies.
  • Prior experience in healthcare IT and knowledge of compliance requirements such as HIPAA.
  • Experience integrating or modernizing systems in environments with legacy system dependencies.
  • Experience supporting large-scale, multi-team modernization or transformation initiatives.

Benefits & conditions

3.13.1 out of 5 stars Arlington, TX Hybrid work $86,000 - $138,000 a year, Pulled from the full job description

  • Parental leave
  • 401(k)
  • Health insurance
  • Paid time off
  • Vision insurance
  • Health savings account
  • Dental insurance, Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.

About the company

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Apply for this position