Information Technology Security, Advisor

Peraton•United States•🌍 Remote

Full-timeSenior

$104k - $166k

per year

👁️ 2 views•📝 0 applications•Posted 6/19/2026•Expires 8/18/2026

Tailor Resume for This Job Check ATS Score View Original Posting ↗

Job Description

Responsibilities Peraton is seeking an Information System Security Officer (ISSO) to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will oversee all activities related to system security authorization, compliance, and continuous monitoring for a complex federal environment. The ISSO will play a critical role in ensuring secure, compliant, and resilient systems across both legacy integrations and modern cloud-based platforms, while supporting major cybersecurity initiatives and mission‑critical efforts at the Centers for Medicare & Medicaid Services (CMS). Responsibilities: Information System Security Officer (ISSO) responsibilities shall include, but are not limited to: Serving as the ISSO for the Program and ensuring full compliance with FISMA Moderate , FedRAMP Moderate , and CMS ARS 5.1 security control baselines. Overseeing the full lifecycle of the Authorization to Operate (ATO) process, including preparation, maintenance, and submission of all Security Authorization (SA) and Certification & Accreditation (C&A) documentation. Conducting comprehensive risk and vulnerability assessments , tracking remediation activities, and ensuring zero open Critical/High vulnerabilities at go‑live . Managing security incidents, ensuring notification within 1 hour , and coordinating with stakeholders on mitigation, reporting, and after‑action activities. Developing, maintaining, and updating security policies, procedures, SSPs, SOPs, and other RMF documentation consistent with federal and CMS requirements. Supporting annual and ad‑hoc federal security assessments, including CSRAP , CFO , and OMB A‑123 reviews, and ensuring timely and accurate submission of evidence packages. Managing POA&M entries, validating mitigation strategies, supporting audit responses, and ensuring high‑quality documentation in accordance with CMS and federal guidance. Performing continuous monitoring activities, analyzing security repo