Computer Systems Security Analyst (Info Sys Sec Officer)

Requisition ID: 21008344

  • Category: Information Technology
  • Location: Woodlawn, Maryland
  • US Citizenship Required for this Position: Yes
  • Clearance Type: Position of Public Trust
  • Telecommute: No – Teleworking not available for this position
  • Shift: 1st Shift
  • Travel Required: No
  • Positions Available: 2

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can’t be done, solving the most daunting challenges facing our customers.

Peraton is seeking a Computer Systems Security Analyst (Info Sys Sec Officer) to support the Social Security Administration located in Woodlawn, MD.

Description of Work:
  • Perform risk analysis for supporting customer requirements.
  • Assess information systems for compliance with the NIST RMF and the associated security controls.
  • Review current security assessment, authorization processes, policies and SOPs, and provide recommendations for improvement.
  • Conduct Security Impact Analysis as per NIST 800-128 guidance.
  • Support the Security Assessment & Authorization Branch by implementing appropriate methods to evaluate risk levels associated with improperly implemented security controls, characterizing aggregate levels of risk to include recommendations to fix, mitigate, or accept the risk.
  • Conduct system security categorizations, security control assessments, risk assessments, and provide recommendations to enhance the security posture of the information system.
  • Draft agency specific security control assessment (SCA) guidance, procedures, and templates to allow thorough and accurate control assessments, risk analysis, and final documentation in the Security Assessment Report (SAR).
  • Analyze Interconnection Security Agreements for compliance to NIST 800-47.
  • Develop Security Risk Assessment Reports (SRA, RAR).
  • Provide guidance on control requirements and agency implementation.
  • Assist with migrating system data contained within the System Security Document, Information System Contingency Plan, and Service Control Policies into the comprehensive enterprise risk assessment and management solution, Xacta.
  • Assist stakeholders in building security documentation (i.e., FIPS 100, SSPs, ISCPs, BIAs).

Basic Qualifications:
  • Bachelor’s degree and 7 years of experience, OR Master's degree and 5 years of experience, OR 11 years of experience in lieu of a degree
  • Must have minimum 4 years’ experience in cybersecurity documentation and system authorization artifacts (System Security Plan, lifecycle documentation, continuous monitoring plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, etc.)
  • CompTIA Security+ Certification
  • 3 years’ experience and working knowledge of:
    • NIST SP 800-53 r4 Security and Privacy Controls for Federal Information Systems and Organizations
    • NIST SP 800-37 r2 Guide for Applying the Risk Management Framework to Federal Information Systems
    • NIST SP 800-30 Guide for Conducting Risk Assessments
    • NIST SP 800-39 Managing Information Security Risk
  • 3 years’ experience and working knowledge of:
    • Reviewing, analyzing, and documenting the secure implementation of logical controls, physical controls, environmental controls, personnel security and incident handling
    • FedRAMP Cloud security
    • Federal regulatory bodies such as the Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), Federal Information Security Management Act of 2002 (FISMA), Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA).
  • 3 years’ experience and working knowledge of:
    • Conducting Security Control Assessments.
    • Interpreting security architecture diagrams independently with the ability to articulate to the team
    • Assessing security requests, gathering requirements and communicating with customers, subject matter experts and various agency stakeholders
  • Must have a minimum of 1 year’s experience in:
    • AGILE and SDLC processes
    • Ability to conduct security control assessments independently
  • Must be able to obtain and maintain a US Public Trust security clearance
  • Must be a US Citizen or Green Card Holder (Permanent Resident)

Preferred Qualifications:
  • CISSP certification
  • Ability to work independently to determine and develop a risk assessment approach to proposed new agency solutions, only needing review upon completion for adequacy in meeting objectives
  • Ability to interpret and provide consulting on the development of security guidance, complex system security requirements, and serve as an RMF SME at key stakeholder meetings
  • Critical thinking/analytical skills, creativity, proven drive for quality, and excellent technical oral and written communication skills
  • Migrating systems from on-prem to cloud
  • NIST SP 800-53 r5 Security and Privacy Controls for Federal Information Systems and Organizations
  • Has strong organizational skills and an ability to stay focused while managing multiple tasks concurrently
  • Experience with Xacta
  • Proficient knowledge and experience with Microsoft Office products, including Word, PowerPoint, Excel, and SharePoint.
  • Prior experience supporting the Social Security Administration or similar government agencies and/or cybersecurity programs 
  • Proven ability to be a self-starter and work in a utility/hybrid role supporting multiple tasks and technical security projects

We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
