Information Security Engineer

*Position is Contingent Upon Award**Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation’s vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration.Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulation. As a Risk / security controls assessment and remediation manager working alongside a state of the art 24-hour Cybersecurity Operations Center (CSOC), you will be responsible for leading the assessment, validation, and remediation of security controls across the organization. This role ensures that security risks are identified, prioritized, and effectively mitigated in alignment with regulatory requirements, security frameworks, and organizational risk tolerance.Primary Responsibilities:The Information Security Engineer will be responsible to:Lead security control assessments across systems, applications, and infrastructureEvaluate the effectiveness of technical, administrative, and operational security controlsIdentify control gaps, weaknesses, and residual riskDevelop, track, and manage remediation plans in coordination with system ownersPrioritize remediation efforts based on risk, impact, and business contextValidate remediation actions and confirm control effectiveness post-fixMaintain risk registers, control assessment documentation, and remediation evidenceSupport internal and external audits, assessments, and regulatory inquiriesCommunicate risk posture, trends, and remediation status to leadershipWork with stakeholders to continuously improve assessment and remediation processes and methodologiesStay current on emerging threats and incorporate lessons learned into recommendations to policies, procedures, and cybersecurity systems and network modificationsPrepare reports and brief CSOC Manager, infrastructure stakeholders and corporate management on requestsAdditional Responsibilities:Contribute to the development and periodic review of security policies, standards, and control proceduresProvide advisory support to system owners and project teams during system design or major changesParticipate in tabletop exercises, risk workshops, and threat modeling sessions as a controls SMESupport onboarding and training of staff on control assessment and remediation processesAssist with defining control metrics, KPIs, and maturity indicatorsReview and provide input on third-party risk assessments and vendor security reviewsSupport merger, acquisition, organizational role changes or system onboarding activities from a risk and controls perspectiveTrack emerging threats, regulatory changes, and framework updates to inform assessment strategyMentor junior risk analysts or assessment team membersSupport executive reporting and briefings on risk trends and remediation progressRequired:U.S. Citizenship RequiredMust have the ability to obtain / maintain a DOE L Level or DOE Secret clearanceDegree in computer science, engineering, cybersecurity, information technology, risk management or related field8 years of experience with BS/BA; 6 years with MS/MAExperience in cybersecurity compliance, analyst, governance, or risk management rolesUnderstanding of industry cybersecurity standards such as FISMA, NIST 800 series, ISO 27001 and regulatory compliance requirementsExperience with vulnerability assessment, enterprise risk assessments, and remediation workflowsAbility to analyze scan results and control findings to determine true risk to the organizationExperience creating and managing POA&Ms or remediation plansFamiliarity with patch management and configuration remediation processesAbility to lead cross-functional remediation efforts without direct authorityExperience coordinating with engineering, IT, security, and compliance teamsStrong project management and prioritization skillsStrong analytical and problem-solving skills Desired:Hold technical and/or cybersecurity certification such as CISSP, GIAC GSEC, GIAC GCIH, CISA SSCP, CompTIA Security+A master's degree in computer science, engineering, cybersecurity, information technology, or related fieldPeraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Created: 2026-01-26