Job Description
Security Engineer Peraton United States, Washington, Home May 22, 2026 Security Engineer
Job Locations US-OR-Home | US-WA-Home | US-WA-Home Requisition
ID 2026-167116
Position Category Information Technology Clearance No Clearance Required Responsibilities Peraton is seeking an experienced Security Engineer to support the security, compliance, and maintenance of a large-scale, web-based government application. In this role, you will be responsible for implementing and sustaining a comprehensive security posture aligned with NIST SP 800-53
(Moderate), SOC 2 Type II, OWASP
Top 10, and applicable state and federal regulatory requirements. You will work closely with program teams, agency stakeholders, and independent auditors to ensure continuous compliance, rapid incident response, and robust data protection across all environments. Location:
This position is remote; however, candidates must reside within the Pacific Time Zone (PST) and be located in Oregon or Washington, or within close proximity to Salem, Oregon to support occasional onsite travel requirements. Day to Day Roles and Responsibilities:
Design, implement, and maintain security controls in accordance with NIST SP 800-53
(Moderate) across all system components
Deploy, configure, and maintain a Web Application Firewall (WAF) and enforce OWASP Top 10 validation throughout the software development lifecycle
Implement and manage TLS 1.2/1.3
encryption for data in transit and 256-bit AES (FIPS 140-2/140-3 compliant) encryption for data at rest
Conduct and coordinate SAST, DAST, and Software Composition Analysis (SCA) as part of the secure development lifecycle
Maintain a Software Bill of Materials (SBOM) for all applications and manage application allowlisting to prevent unauthorized software execution
Implement and manage IEEE 802.1x certificate-based network access control
Develop, maintain, and continuously update the Security Risk Management Plan
Manage real-time, automated hardware and software asset inventory tracking
Coordinate and support annual independent security audits (NIST SP 800-53
Moderate or SOC 2 Type II); deliver SOC 2 Type II reports.
Monitor system security logs and provide on-demand access to designated agency personnel
Lead incident response activities; deliver breach/incident notifications to the Agency within 24 hours of discovery
Ensure all Agency Data remains within the United States or its territories at all times - no overseas access, transmission, storage, or backup permitted
Manage cryptographic key lifecycle in accordance with NIST SP 800-57
Perform data sanitization and media destruction per NIST SP 800-88
(Rev. 1)
Classify and protect all Agency Data per applicable Oregon Information Asset Classification policies
Generate User Access Reports and Data Sanitization Certifications upon agency request
Provide prior notification to the Agency before responding to any third-party or law enforcement requests for Agency Data
Ensure all personnel complete periodic privacy and security training per NIST SP 800-53 AT
family controls
Support disaster recovery planning and geographically dispersed hosting operations within Oregon Qualifications Basic Qualifications:
Bachelors degree and 5 years of experience or an Associates degree and 7 years of experience or a High School diploma and 9 years of experience.
Must be a U.S. Citizen or Green Card holder.
Must be able to pass an FBI NCIC
fingerprint-based background check
Must reside in the Oregon/Washington area
5+ years of experience in information security engineering, cybersecurity, or a related discipline
Demonstrated experience implementing NIST SP 800-53
(Moderate) security controls in a production environment
Hands-on experience with SOC 2 Type II audit processes and remediation
Proficiency with OWASP Top 10 vulnerability identification and remediation
Experience deploying and managing Web Application Firewalls (WAF)
Working knowledge of SAST, DAST, and SCA tools and integration into CI/CD pipelines
Experience with TLS 1.2/1.3, AES-256, and FIPS 140-2/140-3
compliant encryption implementations
Familiarity with NIST SP 800-57
(cryptographic key management) and NIST SP 800-88
(media sanitization)
Experience with IEEE 802.1x network access control
Experience maintaining Software Bills of Materials (SBOM) and application allowlisting technologies
Knowledge of incident response procedures, including breach notification requirements
Familiarity with cloud infrastructure security and data residency requirements
Strong written and verbal communication skills; ability to produce audit-ready documentation and compliance reports Preferred Qualifications:
Experience supporting state or federal government IT systems or election infrastructure
Knowledge of Oregon Consumer Information Protection Act (OCIPA) (ORS 646A.600-646A.628) and Oregon Statewide Information Security Standards
Familiarity with Oregon Executive Order 23-26 (AI governance requirements)
Experience with Peraton Cloud Seed or similar government cloud environments
Relevant certifications: CISSP, CISM, CEH, CompTIA Security+, AWS/Azure Security Specialty, or equivalent
Experience with geographically dispersed hosting and disaster recovery in government environments Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure. Target Salary Range $80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO:
Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
