​This is a full-time, 100% Remote role at Peraton supporting the NOAA AWIPS (Advanced Weather Interactive Processing System) program. AWIPS is a critical national infrastructure platform used by the National Weather Service to process weather data and issue life-saving warnings. The role is heavily focused on the Risk Management Framework (RMF) and securing the software development lifecycle within an Agile/SAFe environment.

• ​Location: 100% Remote.
• ​Clearance: Ability to obtain/maintain a Public Trust.
• ​Experience Required: 8+ years with a BS; 6+ years with an MS; or 3+ years with a PhD (4 years of experience can sub for a degree).
• ​Focus: Gaining and maintaining Authorizations to Operate (ATO), DevSecOps strategy, and continuous monitoring.
• ​Frameworks: Strong knowledge of NIST 800-37 (RMF) and NIST 800-53 security controls.

​What You’ll Do: Accreditation and Mission Readiness

​You will work at the intersection of systems engineering and federal compliance, ensuring the AWIPS platform remains resilient against evolving threats.

• ​RMF Implementation: Drive the full Risk Management Framework (RMF) lifecycle to gain and maintain system ATOs.
• ​Agile/SAFe Backlog: Work with the Cyber Lead to populate the Agile backlog with technical security tasks and DevSecOps strategies.
• ​Security Documentation: Develop and maintain critical artifacts including POA&Ms (Plan of Action and Milestones), SECONOPS (Security Concepts of Operations), and Standard Operating Procedures (SOPs).
• ​Defense-in-Depth: Conduct security activities using established TTPs (Tactics, Techniques, and Procedures) to secure the platform as it is built.
• ​Stakeholder Collaboration: Liaise with multiple Approving Organizations (AO), software architects, and data scientists to establish enterprise-wide security postures.

​Required Technical Qualifications

​Peraton is looking for a “mission capability integrator” who understands how to bake security into complex, large-scale federal systems.

• ​ATO Lifecycle: Proven experience in the software development lifecycle (SDLC) specifically regarding gaining and maintaining ATOs.
• ​Compliance Mastery: Expert knowledge of NIST processes and the application of security controls.
• ​Operational Security: Experience in Security Incident and Event Management (SIEM) and incident response.
• ​Artifact Management: Hands-on experience creating the technical documentation required for federal audits and authorizations.

​Preferred Qualifications

• ​Certifications: Security+, CISSP, or similar industry-standard credentials.
• ​Active Status: An active/current Public Trust is a significant advantage.

​Why This Role is Unique

​This isn’t a typical “corporate” security job; you are protecting the system that enables weather forecasters to protect lives and property across the U.S. It requires a blend of compliance architecture and DevSecOps mindset. You will be working on a “mission of consequence” where system reliability is directly tied to national readiness.