About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities
Exposure Response Group -Subject Matter Expert (SME)
Location: Rosslyn, VA
Peraton is seeking a qualified candidate who will become part of Peraton's Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes. The DSCM program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support to aid and advise DoS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting Peraton's DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges.
In this role as the Exposure Response Group -Subject Matter Expert (SME), you will support the Exposure Response Team (Blue Team).
What you'll do:
- Assist with enterprise efforts on cybersecurity assessment, provide detailed technical recommendations and coordination of remediation and mitigation strategies.
- Provide technical assistance related to internal system assessments supporting both the Authorization and Accreditation process and ad hoc assessments, often concerning zero-day vulnerability exposure.
- Coordinate with relevant personnel to obtain pertinent vulnerability information and findings concerning network security.
- Prepare reports and conducting briefings for senior leadership related to both routine and high-profile vulnerability disclosures and analysis.
- Communicate cybersecurity recommendations to responsible parties such as system owners and engaging in both tracking and verification of their remediation efforts.
- Document team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference.
- Build working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements.
- Consult and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission.
- Assist with enterprise efforts on to assess systems, provide technical recommendations using a variety of tools, and coordinate remediation of findings.
- Leverage multiple SIEM platforms and SOAR to ensure tracking and coordinate with relevant teams to determine exposure to vulnerabilities and misconfigurations, and to get them remediated.
- Ensure security of all types of cloud systems from various major vendors, including Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service offerings in use.
- Communicate cybersecurity recommendations to responsible parties such as system owners and engaging in both tracking and verification of their remediation efforts.
- Develop and test new tools and services as they become available for applicability of findings on customer networks, and later refining those findings to eliminate false positive results.
- Apply a zero-trust architecture framework to on-premises, standalone, and cloud IaaS, PaaS and SaaS system types
- Build working relationships, within the team, office, and with external stakeholders to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements.
#DSCM
Qualifications
Required:
- Bachelor's degree and a minimum of 9 years' experience required. An additional 4 years of experience may be substituted in lieu of degree.
- At least one of the following certifications: CCNA-Security, CND, CySA+ , GICSP, GSEC, Security+ CE, SSCP, or equivalent certification required.
- Demonstrated experience in traditional Blue Team, Red Team, or Incident Response network security roles.
- Proven expertise in performing analyses to validate established security requirements and recommended additional security requirements and safeguards.
- U.S. citizenship required.
- An Active Secret security clearance required; ability to obtain a final Top Secret security clearance.
Desired:
- Demonstrated ability to perform assessments of systems and networks within the networking environment or enclave and identifying where those systems and networks deviated from acceptable configurations, enclave or local policy.
- Effective written and verbal communications skills to prepare and present cybersecurity assessment results to stakeholders, and to further build relationships with them to continue to protect the enterprise.
- Proficient in SIEM platform usage, such as Splunk.
- Proficient in the use of Endpoint Detection & Response tools, such as Tanium and Microsoft Defender for Endpoint.
- Proficient in the use of the ServiceNow SOAR platform.
- Understanding with cloud native portals such as Azure Security Center or AWS Security Hub to identify misconfigurations and security issues.
- Knowledge of and experience with security subsystems (e.g. firewalls, VPN servers, IDS/IPS, etc.) is preferred.
- Working knowledge network technologies.
- Familiarity with the MITRE ATT&CK Framework
- The ability to solve network-related problems by using diagnostic techniques and protocols.
- Familiarity with backbone and Wide Area networking (WAN) components, wiring infrastructures, VPNs, Layer 2 and 3 networking protocols, multicast, firewalls, DHCP, DNS, IP address management and network monitoring software is preferred.
- Familiarity with Zero-Trust Architecture (ZTA) framework. Target Salary Range
$135,000 - $216,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range
EEO
An Equal Opportunity Employer including Disability/Veteran.
Our Values
Benefits
At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
- Paid Time-Off and Holidays
- Retirement
- Life & Disability Insurance
- Career Development
- Tuition Assistance and Student Loan Financing
- Paid Parental Leave
- Additional Benefits
- Medical, Dental, & Vision Care