Peraton is seeking an Information Assurance Security Engineer to join our team of qualified, and diverse individuals
The Governance, Risk and Compliance (GRC) Team is responsible for ensuring compliance to company policies and procedures, client requirements and local, state, and federal law. The GRC Engineer must also assist in the discovery of acceptable vendors for the client and internal Peraton business owners and identify and manage the risks imposed by internal and external entities, products, and services and the identification, analysis, treatment and ongoing monitoring of risks imposed by these entities using industry accepted frameworks.
The ideal candidate has a strong working knowledge of Information Technology and background in information security risk management, information security standards and compliance requirements, and security GRC frameworks. They are a motivated self-starter that is capable of ensuring successful security involvement in IT projects from kick-off to closing in alignment with Secure by Design principles.
Work location: This position can be worked remotely
Day to Day Work Responsibilities:
- Provide expertise to the client and internal Peraton teams in the best security practices during the vendor on-boarding process.
- Determine product/services that meet the needs of the client and NIST 800-53 standards.
- Identify, analyze, treat, and monitor risk imposed by third-party and internal systems being on-boarded.
- Improve the security posture of the company and the client by documenting and managing existing risks as needed.
- Update and maintain GRC policies and procedures in a timely manner.
- Ensure compliance to local, state, and federal requirements applicable by policy/contractual or legality.