IT Risk Specialist

Peraton is seeking a IT Risk Specialist to join our team of qualified, diverse individuals and risk identification, assessment, and mitigation strategies in a dynamic IT environment. . The ideal candidate will support the Department of Homeland Security (DHS). The ideal candidate will have a strong background in IT governance, cybersecurity, compliance, and enterprise risk management, ensuring that IT operations align with business objectives while minimizing risks.

Day to Day Responsibilities:

Risk Assessment & Mitigation: Identify, evaluate, and mitigate IT and cybersecurity risks across infrastructure, applications, and business processes.
• Governance & Compliance: Ensure adherence to industry standards and regulatory frameworks (e.g., NIST, ISO 27001, COBIT, SOC 2, GDPR, HIPAA).
• Security & Threat Management: Collaborate with cybersecurity teams to assess vulnerabilities, manage incident response plans, and enhance threat detection mechanisms.
• Policy & Framework Development: Design and implement IT risk management policies, controls, and frameworks to safeguard digital assets.
• Business Continuity & Disaster Recovery: Oversee IT risk-related aspects of BCP/DR planning and testing.
• Vendor & Third-Party Risk Management: Assess and monitor risks associated with third-party vendors, cloud services, and IT outsourcing partners.
• IT Audit & Compliance Reviews: Support internal and external audits, ensuring IT systems and processes meet compliance requirements.
• Incident & Root Cause Analysis: Lead post-incident reviews, analyze root causes, and implement corrective actions to prevent future occurrences.
• Stakeholder Communication: Work closely with IT leadership, security teams, and business units to ensure risk transparency and alignment with corporate objectives.
• Training & Awareness: Conduct risk awareness training and promote a strong IT risk management culture.

#TSAIMPACT

Basic Qualifications:

• Bachelors degree and 0 years of experience or a High School diploma and 4 years of experience.

• Must be a U.S. Citizen with the ability to obtain a public trust clearance.

• Experience in IT risk management, cybersecurity, or IT governance.
• Strong understanding of IT infrastructure, cloud computing (AWS, Azure), and cybersecurity principles.
• Hands-on experience with risk assessment methodologies (ISO 31000, FAIR, OCTAVE, etc.).
• Knowledge of regulatory compliance frameworks (e.g., NIST 800-53, ISO 27001, PCI DSS, GDPR, HIPAA, SOX).
• Familiarity with security tools and technologies (SIEM, IDS/IPS, vulnerability scanners, firewalls, endpoint protection).
• Experience with GRC (Governance, Risk, and Compliance) tools such as Archer, ServiceNow GRC, or MetricStream.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent communication and stakeholder management abilities.

Preferred Certifications:

• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Security Manager (CISM)
• ITIL Foundation certification (preferred), must obtain within 30 days of job acceptance

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.