Senior Information System Security Officer (ISSO) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Peraton Labs · 3 weeks ago

Senior Information System Security Officer (ISSO)

positionCollege Park, MD
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$135K/yr - $216K/yr
date12+ years exp

Peraton Labs is a next-generation national security company that drives missions of consequence. They are seeking a Senior Information System Security Officer to manage security operations aligned to RMF, enhance network resilience, and support cybersecurity efforts across multiple security domains.

ConsultingInformation ServicesMarket Research
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Lead or co-lead ATO/reauthorization efforts for complex boundary systems
Mentor junior ISSOs and shape security operations playbooks
Perform risk analysis and author formal recommendations to leadership
Drive security engineering outcomes by partnering with internal teams on scalable compliance patterns
Brief senior internal and customer stakeholders on security posture, systemic risk trends, remediation burn-down, and authorization readiness
Act as the Senior ISSO supporting the system security lifecycle across development, operations, and modernization
Execute and maintain RMF activities (e.g., control implementation oversight, evidence collection, assessment support, POA&M management, continuous monitoring)
Maintain security authorization artifacts (e.g., SSP, control narratives, diagrams, inheritance/leverage controls, CM plan, incident handling plan, contingency artifacts, user/admin procedures)
Operate continuous monitoring: vulnerability management, config compliance, patching coordination, scan result triage, risk acceptance, and remediation verification
Review and approve security-relevant changes through configuration/change control and validate security configurations after major upgrades
Support incident response and reporting: participate in investigations, coordinate containment actions, preserve evidence, and contribute to post-incident lessons learned
Ensure least privilege/access governance: account management oversight, privileged access workflows, periodic access reviews, and audit compliance requirements
Translate security requirements into implementation guidance that engineering teams can operationalize (clear, testable, and automatable where possible)

Qualification

Risk Management Framework (RMF)Continuous MonitoringNIST SP 800-53Information Security ComplianceSecurity Authorization ArtifactsVulnerability ManagementLinux EnvironmentsSecurity CertificationsIncident ResponseContainer SecurityData Protection RequirementsMentorshipLeadership Experience

Required

12+ years of experience and a BS in Computer Science, Cybersecurity, or related technical discipline, MS and 10+ years of experience, or a PhD and 8+ years of experience. Four years of additional experience is required in lieu of a Bachelors' degree for a total of 16 years of experience
8+ years of experience in information security/compliance supporting DOD/IC or government systems, including ownership of major RMF deliverables and ATO events for complex systems
Demonstrated leadership experience coordinating across security, engineering, and customer stakeholders
Ability to provide mentorship and direction to team members
Proven ability to write risk decisions and packages that stand up to assessor/AO scrutiny
Deep understanding of continuous monitoring at scale (recurring evidence, metrics, audit readiness, remediation governance)
Hands-on experience executing RMF tasks and maintaining authorization artifacts (SSP, POA&Ms, continuous monitoring evidence)
Strong working knowledge of NIST SP 800-53 controls and how they map to technical implementations and procedures
Experience with vulnerability and configuration compliance workflows
Familiarity with Linux-based enterprise environments and common hardening concepts
Ability to communicate risk clearly to both technical engineers and non-technical leadership
One or more active/current certifications such as: CISSP, CISM, CAP, GSLC, Security+, CCSP, INCOSE, CCNA, RHCE, MCSE, VCP, ITIL, PMP, Agile, and etc
This position requires an active/current TS/SCI w/ Polygraph

Preferred

Experience securing or assessing containerized workflows (e.g., container runtime hardening, image governance, supply chain considerations)
Experience with eMASS (or comparable GRC tooling), security control inheritance models, and assessor engagement
Familiarity with vulnerability tooling and security monitoring concepts
Experience with data protection requirements relevant to sensitive environments

Benefits

Medical
Dental
Vision
Life
Health savings account
Short/long term disability
EAP
Parental leave
401(k)
Paid time off (PTO) for vacation
Company paid holidays

Company

Peraton Labs

twittertwitter
company-logo
At Peraton Labs, we refuse to think inside the box. As Peraton’s innovation hub, we are molding the future of emerging technologies.
dateFounded in 2018
location
Basking Ridge, New Jersey, USA
people-size10001+ employees
web-link
https://www.perspectalabs.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Stefano Galli
Chief Scientist
linkedin

Recent News

Google Patent
Adaptive radio frequency communication
2025-08-21
Google Patent
Common-mode signaling and coupler bypass in legacy busses
2025-02-20
Google Patent
Migration of traffic flows
2025-02-20
Company data provided by crunchbase