Your Impact\:
Are you interested in using your skills to help shape the Cyber, Security, & Intel space? If so, look no further. Amentum is seeking a Principal Information System Security Engineer to join our team of passionate individuals in Chantilly, VA. In this role you will support challenging, mission-critical projects that make a direct impact on the Nation’s security and intelligence mission.
We are seeking a highly skilled and experienced Principal Information System Security Engineer to join our team. The successful candidate will bring extensive knowledge and hands-on experience in cybersecurity engineering, risk management frameworks, and secure software development lifecycle management. This role involves leading and managing accreditation efforts, conducting risk assessments, and collaborating with cross-functional teams to ensure the highest standards of information security across our applications and systems.
Responsibilities\:
Oversee cybersecurity measures for applications within an agile software environment. Manage the assessment and authorization (A&A) efforts for accrediting and reaccrediting system authorizations. Performs vulnerability scanning to uncover any potential security concerns within the information systems. Utilize common control provider (CCP) knowledge to secure authorization for applications on new platforms. Work closely with stakeholders to ensure seamless decommissioning and accreditation of replacement systems with no downtime. Conduct technical exchange meetings (TEMs) and liaise with key departments to facilitate A&A efforts. Track and manage Plan of Action and Milestones (POAMs) across all systems, ensuring completion and recommending remediation steps. Conduct system self-scans to support initial, update, and reaccreditation efforts. Perform technical planning, system integration, verification and validation, and risk assessments. Create Basis of Estimate (BOE) documentation and other critical artifacts for system A&A efforts. Develop and document security evaluation test plans and procedures. Provide documentation and recommendations for security best practices and risk management framework (RMF) accreditation. Drive application security and secure software development lifecycles, including containerization security as per NIST SP 800190. Conduct hands-on security testing, analyze test results, and recommend countermeasures. Provide guidance on cloud computing services, deployment architecture, and network management tools. Review project requirements and assist in the development and tracking of project tasks and client deliverables. Communicate with clients on project specific activities and manage project related deliverables. Facilitate process working groups to analyze existing processes and create new business strategies. *Your Impact\:
Are you interested in using your skills to help shape the Cyber, Security, & Intel space? If so, look no further. Amentum is seeking a Principal Information System Security Engineer to join our team of passionate individuals in Chantilly, VA. In this role you will support challenging, mission-critical projects that make a direct impact on the Nation’s security and intelligence mission.
We are seeking a highly skilled and experienced Principal Information System Security Engineer to join our team. The successful candidate will bring extensive knowledge and hands-on experience in cybersecurity engineering, risk management frameworks, and secure software development lifecycle management. This role involves leading and managing accreditation efforts, conducting risk assessments, and collaborating with cross-functional teams to ensure the highest standards of information security across our applications and systems.
Responsibilities\:
Oversee cybersecurity measures for applications within an agile software environment. Manage the assessment and authorization (A&A) efforts for accrediting and reaccrediting system authorizations. Performs vulnerability scanning to uncover any potential security concerns within the information systems. Utilize common control provider (CCP) knowledge to secure authorization for applications on new platforms. Work closely with stakeholders to ensure seamless decommissioning and accreditation of replacement systems with no downtime. Conduct technical exchange meetings (TEMs) and liaise with key departments to facilitate A&A efforts. Track and manage Plan of Action and Milestones (POAMs) across all systems, ensuring completion and recommending remediation steps. Conduct system self-scans to support initial, update, and reaccreditation efforts. Perform technical planning, system integration, verification and validation, and risk assessments. Create Basis of Estimate (BOE) documentation and other critical artifacts for system A&A efforts. Develop and document security evaluation test plans and procedures. Provide documentation and recommendations for security best practices and risk management framework (RMF) accreditation. Drive application security and secure software development lifecycles, including containerization security as per NIST SP 800190. Conduct hands-on security testing, analyze test results, and recommend countermeasures. Provide guidance on cloud computing services, deployment architecture, and network management tools. Review project requirements and assist in the development and tracking of project tasks and client deliverables. Communicate with clients on project specific activities and manage project related deliverables. Facilitate process working groups to analyze existing processes and create new business strategies. *Requirements\:
Bachelor's Degree in Security and Intelligence, or a related field. Security CE, AWS Advanced Architect, and Splunk Fundamentals 1 and 2 certifications. Extensive experience in information system security engineering, risk assessment, and vulnerability management. Strong understanding of cloud computing services, secure software development lifecycles, and containerization security. Proficient in creating and maintaining security documentation and Standard Operating Procedures (SOPs). Demonstrated experience in leading technical exchange meetings, managing project deliverables, and ensuring compliance with security standards and policies.Clearance Required\:
TS/SCI w/ polyMinimum Education\:
B.S. in Mathematics and/or Security and Intelligence, or a related field.Minimum Years of Experience\:
8Preferred\:
Excellent technical writing and documentation skills Proven ability to collaborate with multidisciplinary teams#javelin
*Requirements\:
Bachelor's Degree in Security and Intelligence, or a related field. Security CE, AWS Advanced Architect, and Splunk Fundamentals 1 and 2 certifications. Extensive experience in information system security engineering, risk assessment, and vulnerability management. Strong understanding of cloud computing services, secure software development lifecycles, and containerization security. Proficient in creating and maintaining security documentation and Standard Operating Procedures (SOPs). Demonstrated experience in leading technical exchange meetings, managing project deliverables, and ensuring compliance with security standards and policies.Clearance Required\:
TS/SCI w/ polyMinimum Education\:
B.S. in Mathematics and/or Security and Intelligence, or a related field.Minimum Years of Experience\:
8Preferred\:
Excellent technical writing and documentation skills Proven ability to collaborate with multidisciplinary teams#javelin
*Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.