Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
Information Technology Security, Advisor Peraton United States, Virginia, Reston 1875 Explorer St (Show on map) Jun 18, 2026 Information Technology Security, Advisor
Job Locations US Requisition
ID 2026-167722
Position Category Cyber Security Clearance Public Trust Responsibilities Peraton is seeking an Information System Security Officer (ISSO) to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will oversee all activities related to system security authorization, compliance, and continuous monitoring for a complex federal environment. The ISSO will play a critical role in ensuring secure, compliant, and resilient systems across both legacy integrations and modern cloud-based platforms, while supporting major cybersecurity initiatives and missioncritical efforts at the Centers for Medicare & Medicaid Services (CMS).
Responsibilities:
Information System Security Officer (ISSO) responsibilities shall include, but are not limited to: Serving as the ISSO for the Program and ensuring full compliance with FISMA Moderate, FedRAMP Moderate, and
CMS ARS 5.1
security control baselines.
Overseeing the full lifecycle of the Authorization to Operate (ATO) process, including preparation, maintenance, and submission of all Security Authorization (SA) and Certification & Accreditation (C&A) documentation.
Conducting comprehensive risk and vulnerability assessments, tracking remediation activities, and ensuring zero open Critical/High vulnerabilities at golive.
Managing security incidents, ensuring notification within 1 hour, and coordinating with stakeholders on mitigation, reporting, and afteraction activities.
Developing, maintaining, and updating security policies, procedures, SSPs, SOPs, and other RMF documentation consistent with federal and CMS requirements.
Supporting annual and adhoc federal security assessments, including CSRAP, CFO, and
OMB A123
reviews, and ensuring timely and accurate submission of evidence packages.
Managing POA&M entries, validating mitigation strategies, supporting audit responses, and ensuring highquality documentation in accordance with CMS and federal guidance.
Performing continuous monitoring activities, analyzing security reports (e.g., vulnerability scans, audit logs), and recommending corrective actions.
Collaborating closely with engineering, operations, and program management teams to ensure security is embedded into system design, modernization efforts, and integrations with legacy systems.
Providing guidance and subject matter expertise on
NIST 80053
controls, FedRAMP requirements, and CMS-specific security processes to technical and non-technical stakeholders.
Ensuring all system changes follow proper security impact analysis procedures prior to deployment.
Supporting contractor, government, and thirdparty security assessments and participating in technical discussions related to architecture, compliance, and risk.
Qualifications Basic Qualifications:
Bachelor's degree and 8+ years of relevant cybersecurity, information assurance, or system security experience. Or 12 years of relevant experience with a high school diploma.
Demonstrated experience serving as an ISSO or similar security lead on federal programs following
FISMA, NIST
RMF, and FedRAMP requirements.
Handson experience developing, maintaining, and reviewing RMF documentation (SSP, SAR, POA&M, CMP, Incident Response Plan, Contingency Plan, etc.).
Experience conducting or supporting risk assessments, vulnerability analysis, and security audits.
Familiarity with
CMS ARS 5.1, CMS ATO
processes, and federal cybersecurity reporting requirements.
Experience supporting incident response processes, including rapid notification, coordination, and reporting.
Strong understanding of vulnerability management tools and processes (e.g., Nessus, Tenable.sc, Qualys).
Ability to communicate clearly and effectively with both technical and nontechnical stakeholders.
U.S. Citizenship required for federal security requirements.
Ability to obtain and maintain a Public Trust clearance.
Preferred Qualifications:
Relevant certifications such as CISSP, CISM, Security+, CEH, or CAP.
Previous experience supporting CMS, federal healthcare programs, or large federal IT modernization efforts.
Experience working in hybrid environments involving both legacy systems and cloud environments (AWS/Azure) subject to FedRAMP Moderate controls.
Familiarity with continuous monitoring processes and automation tools aligned with federal environments.
Experience supporting external audits such as CSRAP, CFO, and
OMB A123.
Knowledge of secure software development practices and DevSecOps concepts.
Experience with enterprisescale government contractors or large federal IT programs. Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure. Target Salary Range $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO EEO:
Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
