Information System Security Officer

About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit to learn how we're keeping people around the world safe and secure.

Program OverviewThe program, led by Peraton Labs with external infrastructure support, conducts advanced research for the customer on a variety of topics, including cybersecurity, RF solutions, and quantum communications. Mission focus is on developing next-gen tools for detecting cyber-attacks, enhancing network resilience, and improving small-form factor sensor systems while maintaining a focus on cutting-edge technologies like machine learning and software-defined networking.

About The Role

Peraton Labs is seeking a poly cleared Information System Security Officer for a mission-critical, highly complex HPC environment enabling research across multiple security domains. You will own day-to-day security operations aligned to RMF, drive continuous monitoring, maintain ATO posture, and partner closely with subcontractor and customer personnel to ensure implementation and compliance.

This position requires full-time on-site work in Laurel, or at a customer site near College Park, MD.

Key responsibilities may include

• Act as the ISSO supporting the system security lifecycle across development, operations, and modernization
• Execute and maintain RMF activities (e.g., control implementation oversight, evidence collection, assessment support, POA&M management, continuous monitoring)
• Maintain security authorization artifacts (e.g., SSP, control narratives, diagrams, inheritance/leverage controls, CM plan, incident handling plan, contingency artifacts, user/admin procedures)
• Operate continuous monitoring: vulnerability management, config compliance, patching coordination, scan result triage, risk acceptance, and remediation verification
• Review and approve security-relevant changes through configuration/change control and validate security configurations after major upgrades
• Support incident response and reporting: participate in investigations, coordinate containment actions, preserve evidence, and contribute to post-incident lessons learned
• Ensure least privilege/access governance: