Job Description

Program Overview

About The Role

The Chief Information Security Officer (CISO) for the FAA BNATC contract provides strategic leadership and direction for all cybersecurity, compliance, and risk activities supporting FAA mission systems and enterprise services. This role oversees the development, implementation, and continuous improvement of information security policies, vulnerability management processes, and GRC functions to ensure alignment with FAA, DOT, NIST, and federal cybersecurity mandates.

The CISO serves as the primary cybersecurity advisor to program leadership, ensuring secure operations for critical systems supporting the National Airspace System (NAS) and related FAA infrastructure.

Key Responsibilities:

Strategic Leadership & Program Oversight

• Lead cybersecurity strategy, governance, and risk management across the FAA BNATC program.
• Serve as principal advisor to FAA leadership regarding cybersecurity posture, threats, and compliance requirements.
• Develop and maintain the program’s Information Security Management Framework in alignment with FAA AMS, FAA Order 1370.121, NIST RMF, and DOT security directives.

Vulnerability & Threat Management

• Direct the Vulnerability Management Program, including scanning, assessment, prioritization, reporting, and remediation tracking.
• Ensure timely remediation of vulnerabilities in accordance with FAA Service Level Agreements (SLAs) and federal guidance (e.g., BOD 22-01).
• Oversee penetration testing, continuous monitoring initiatives, and threat modeling activities.
• Coordinate rapid response to emergent threats, zero-days, and security incidents.

Governance, Risk & Compliance (GRC)

• Establish, maintain, and enforce cybersecurity policies, standards, and procedures tailored to FAA environments.
• Manage risk assessments, POA&M activities, security control implementation, and monitoring in compliance with NIST SP 800-53 and FAA ISSO guidance.
• Ensure full lifecycle support for ATO packages and security authorizations.
• Lead audits, internal assessments, and compliance reviews, including FAA ISCP, FISMA reporting, and continuous monitoring deliverables.

Security Architecture & Engineering Oversight

• Provide guidance on secure system design, change management, and architecture decisions within the NAS and mission-support environments.
• Ensure all new systems, upgrades, and cloud/on-premise deployments meet FAA cybersecurity requirements.

Stakeholder Engagement & Reporting

• Interface with FAA security offices, program managers, contractors, and engineering teams to ensure alignment on cybersecurity priorities.
• Produce executive-level reports, risk dashboards, and briefings for FAA stakeholders.
• Represent cybersecurity interests during technical reviews, governance boards, and acquisition processes.

Team Leadership

• Lead, mentor, and develop security analysts, ISSOs, vulnerability engineers, and GRC specialists.
• Foster a culture of continuous improvement, transparency, and compliance across the BNATC team.

Qualifications

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Systems, Engineering, or related field (Master’s preferred).
• 16+ years of cybersecurity leadership experience, including management of GRC and vulnerability programs.
• Deep knowledge of FAA and federal cybersecurity frameworks, including:
• NIST RMF / NIST SP 800-53
• FAA AMS Security & Privacy guidance
• FISMA / OMB A-130
• DOT cybersecurity policies
• Experience managing large-scale cybersecurity programs supporting federal agencies.
• Strong understanding of cloud security, enterprise networks, and mission-critical systems.
• Exceptional communication and executive briefings skills.
• US Citizenship.
• Must have the ability to obtain / maintain a Public Trust clearance.

Preferred Qualifications

• CISSP, CISM, or CISA
• CRISC, CGRC (formerly CAP), or similar GRC certifications
• PMP or program management certification
• FAA background or aviation/critical infrastructure cyber experience highly desirable

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $190,000 - $304,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at

Application Duration Statement: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. 

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Job Tags

Similar Jobs