Information Assurance and Security, Lead Associate

Peraton

$86K — $138K *
US-AnywhereRemote in United States
Healthcare
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of experience with a BS/BA or 3+ years with an MS/MA.
  • Proven leadership in security analysis, compliance, and risk management for Federal programs.
  • In-depth knowledge of Federal information security standards like FISMA and NIST SP 80053.
  • Hands-on experience in vulnerability assessments and risk mitigation planning.
  • Experience with Federal security audits and ATO processes.
  • Ability to assess system designs for security and compliance issues.
  • Strong communication skills for technical and non-technical audiences.

Responsibilities

  • Lead security analysis and compliance oversight for Health Sector.
  • Conduct comprehensive security assessments of system architecture.
  • Develop and enforce security policies per Federal and CMS standards.
  • Manage program's vulnerability assessment and remediation activities.
  • Lead risk mitigation strategy development and implementation.
  • Prepare and support security audits and compliance reviews.
  • Integrate security requirements into Agile workflows and provide guidance.

Benefits

  • Hybrid work environment with flexible scheduling.
  • Opportunity to work on high-impact programs with major stakeholders.
  • Professional development through training and certifications offered.
  • Contributions to mission-critical health initiatives.
  • Collaborative team atmosphere with diverse skill sets.
  • Engagement in innovative security practices and technology solutions.
Full Job Description
Responsibilities

Peraton is seeking a Lead Security Analyst to join our team of qualified, diverse professionals supporting the Health State and Local Sector. The ideal candidate will lead security analysis, compliance oversight, and risk management efforts across a complex, mission critical environment. This role plays a pivotal part in ensuring secure and compliant solutions, guiding vulnerability management activities, and supporting major modernization efforts for the Centers for Medicare & Medicaid Services (CMS). The Lead Security Analyst will help shape and maintain a robust security posture, ensuring that all program capabilities adhere to CMS and Federal security standards.

Lead Security Analyst’s responsibilities shall include, but are not limited to:

  • Leading all security analysis, compliance, and oversight activities for the Program.• Conducting comprehensive security assessments, including evaluation of system architecture, data flows, interfaces, and inherited controls.• Developing, maintaining, and enforcing program-wide security policies, procedures, and documentation consistent with Federal and CMS security requirements.• Managing the program’s vulnerability assessment program, including vulnerability scanning, analysis, reporting, and coordination of remediation activities.• Leading the development of risk mitigation strategies and providing recommendations to address findings from scans, assessments, POA&Ms, and audits.• Preparing and supporting all security audits, reviews, and checkpoints, including CMS security assessments, FISMA reviews, and relevant ATO activities.• Ensuring security requirements are integrated into Agile development workflows, providing direct guidance to Scrum teams, architects, and developers.• Reviewing technical designs, user stories, and system enhancements for security impacts and compliance alignment.• Monitoring regulatory and CMS security updates to ensure program compliance remains current and accurate.• Collaborating with cross functional stakeholders including engineering, operations, compliance, and program leadership to ensure secure-by-design solution delivery.• Developing and delivering security awareness and compliance training tailored to the Program needs.• Maintaining accurate and up-to-date security documentation, dashboards, and metrics reporting for program leadership.
Qualifications

Basic Qualifications:

  • 5 years with BS/BA; 3 years with MS/MA
  • Demonstrated experience leading security analysis, compliance, and risk management activities for large-scale Federal programs.
  • Strong understanding of Federal information security standards and frameworks such as FISMA, NIST SP 80053, NIST RMF, and CMS ARS.
  • Hands-on experience conducting or managing vulnerability assessments, security scanning, POA&M lifecycle management, and risk mitigation planning.
  • Experience preparing for and supporting Federal security audits, assessments, and ATO activities.
  • Ability to review system designs, data flows, and architecture diagrams for security considerations and compliance alignment.
  • Experience working directly with Agile teams and integrating security requirements into Agile SDLC processes.
  • Excellent written and verbal communication skills, with the ability to communicate with both technical and nontechnical stakeholders.
  • US. Citizenship required.
  • Must have the ability to obtain and maintain a Public Trust clearance.
  • Must reside near or be able to work in alignment with the program’s hybrid work expectations.

Preferred Qualifications:

  • Experience supporting CMS programs, including familiarity with CMS ARS, ATO processes, and CMS governance expectations.
  • Relevant security certifications such as CISSP, CISM, Security+, CEH, or equivalent.
  • Experience with vulnerability management platforms, SIEM tools, and security automation technologies.
  • Prior experience in healthcare IT and knowledge of compliance requirements such as HIPAA.
  • Experience integrating or modernizing systems in environments with legacy system dependencies.
  • Experience supporting large-scale, multi-team modernization or transformation initiatives.
Target Salary Range$86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Similar Jobs

More Jobs at Peraton

More Healthcare Jobs

Find similar Information Assurance and Security, Lead Associate jobs: