AWS Security Engineer (Incident Response)

Peraton is seeking an Incident Response Engineer to join our dynamic Security Team within the Department of Homeland Security (DHS) Datacenter Consolidation and Cloud Optimization (DCCO) program. This role supports our Security Team's efforts by leading incident response and cybersecurity operational compliance. The Incident Response Engineer will ensure our systems remain secure, compliant, and resilient, actively contributing to our Governance, Risk, and Compliance (GRC) initiatives. This role is entirely telework based with core hours between 9 am- 3 pm (EST) Monday - Friday; applicant must reside and perform all work within the United States.

Day to Day Responsibilities:

• Lead and coordinate the response to cybersecurity alerts and incidents, ensuring rapid Detection and Analysis; Containment, Eradication, and Recovery; and Post- Incident Activity Recommendations.

• Develop, implement, and maintain Incident Response Plans in line with organizational policies and NIST guidelines.

• Conduct forensic analysis and post-incident investigations to identify root causes and recommend improvements.

• Proactive Security Operations:

• Analyze system vulnerabilities, propose compensating controls, and work with engineering teams to remediate issues.

• Oversee the security posture of cloud environments (AWS) and recommend improvements.

• Maintain and update security documentation such as System Security Plans, Incident Response Plans, and Standard Operating Procedures.

• Develop and conduct security training for incident response and contingency planning.

• Collaboration and Communication:

• Work closely with the Cybersecurity Manager, ISSOs, and other security personnel to ensure the effective implementation of operational security measures.

• Collaborate with engineering and IT teams to address security incidents and develop proactive strategies.

• Communicate risks and remediation activities effectively to clients and senior management.

• Tool and Process Development:

• Create and maintain security tools, checklists, and templates to aid A&A and incident response processes. I.E. Splunk, Cloud Trail, Guard duty, Swim Lane, etc.

• Leverage tools such as Cyber Security Assessment and Management (CSAM) to manage risk and monitor compliance.

Basic Qualifications:

• High school diploma and 6 years of experience
• U.S. citizenship and the ability to obtain/maintain a DHS EOD clearance (required prior to start).
• 5 years of relevant experience in Information Technology
• Demonstrated experience with incident response, forensics, and root cause analysis.
• Knowledge of security countermeasures, NIST guidelines, and RMF.
• Experience with cloud security, including FedRAMP and AWS
• Strong communication skills with a history of engaging stakeholders to deliver security solutions.
• Ability to influence security practices across multiple teams and organizations.

Some Desired Certifications:

• One or more of the following: GCIH, CISSP, CISM, AWS Security Professional, CCSP, GISCP, or GSEC.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.