Expert Security Engineer
Springfield, Virginia, United States
Your Impact:
Are you interested in using your skills to help shape the Cyber, Security, & Intel space? If so, look no further. Amentum is seeking an Expert Security Engineer to join our team of passionate individuals in Springfield, VA. In this role you will support challenging, mission-critical projects that make a direct impact on the Nation’s security and intelligence mission.
Responsibilities:
• Bridge the gap between high-level security policies/requirements and technical/operational implementation of those requirements.
• Incorporate Risk Management Framework (RMF) security controls into formal system test plans in accordance with regulatory policies.
• Serve as the security subject matter expert (SME) and manage the execution of systems security activities for multiple applications.
• Provide guidance to teams on the A&A process, including related security documentation such as systems concept of operations (ConOps), system security design, implementation plans, operational procedures, and maintenance training materials.
• Provide support to development teams for mitigation and management of Plans of Action and Milestones (POA&Ms)
• Conduct assessments of existing IT architecture for compliance with security requirements in accordance with regulatory security frameworks (IAW NIST SP 800-53 Rev. 4)
• Provide engineering support and assistance to authorization/accreditation test and evaluation activities
• Conduct IT Disaster Recovery exercises and maintain all associated documentation
• Manage software in use and updates as required
• Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives
• Conduct and review security scans
• Track and mitigate customer system vulnerabilities
• Participate in IAVA testing and provide recommendations on baseline acceptance of system patches
• Ensure STIG compliance and mitigation
• Ensure and maintain integration compliance with enterprise services
• Provide continuous monitoring support for information systems
• Assist with running vulnerability scans on various applications and provide recommendations for compliance
• Work closely with leadership, engineers, admins, and developers to efficiently work through the A&A process and Continuous Monitoring.
Requirements:
• Bachelor's degree plus 10 years of experience, Associate's degree plus 12 years of experience, or a minimum of 14 years of experience, in a related field.
• Physical Requirements: Most work will be done at a desk or computer.
• Work Environment: General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
• Equipment & Machines: General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
• Attendance: Attendance is always critical. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
• Must be able to communicate effectively both verbally and in writing
• Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
• Must be able to interface with individuals at all levels of the organization both verbally and in writing.
• Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously.
• Must work well under pressure to meet deadline requirements.
• Must be willing to travel as needed.
• Must take and pass a drug test and background check as well as a motor vehicle records check.
• Must be a US citizen.
• XACTA 360 experience
• Certified Information Systems Security Professional (CISSP), CompTIA CASP, or other IAT II Certification
• Extensive experience with Security Framework regulations, to include: NIST 800-53 Rev4; ICD 503; CNSS 1253; RMF
• Extensive experience with Plans of Action and Milestones (POA&Ms) and knowledge of appropriate corrective action for unacceptable risks
• Experience with a variety of systems (e.g. desktop, cloud, etc.)
• Knowledge of Enterprise Security Best Practices (IAW NIST 800-53 Rev4; ICD 503; CNSS 1253; RMF)
• Applicable software/hardware/management training & certification (e.g., specialties like Amazon Web Services architect/engineering, ServiceNow/Service+)
Clearance Required:
• Must have an active TS/SCI and be able to obtain and maintain a CI poly