Springfield, VA, 22151, USA
4 days ago
Systems Engineer III
Amentum is seeking a **Systems Engineer III** to support the National Geospatial-Intelligence Agency (NGA) and Office of Security (SIS) in Springfield, VA.

**Duties May Include:**

+ Develop, update, and/or review Risk Management Framework (RMF) documentation, to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports.
+ Assess system compliance against National Institute of Standards and Technology (NIST), Department of Defense (DOD), and NGA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRG).
+ Produce evidence of compliance status with NIST, DOD and National Geospatial-Intelligence Agency (NGA) security requirements as necessary to meet government requirements.
+ Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides.
+ Coordinate with other SMEs and internal and external customers to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories.
+ Analyze vulnerability scans of information systems and assist in remediation tasks.
+ Conduct risk and vulnerability assessment of information systems to identify vulnerabilities, risks, and protection needs.
+ Facilitate or participate in meetings with stakeholders to discuss statuses and efforts of SIS systems and report to government on findings.
+ Prepare and submit bi-weekly reports to team leads and government engineering team regarding system/program status.
+ Serve as a Subject Matter Expert (SME) on one or more technologies/skills related to Assessment & Authorization (A&A) activities.
+ Actively facilitate and participate in regular A&A status meetings with government and task order personnel to facilitate progress and address potential issues of RMF system efforts.
+ Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity RMF policies.
+ Maintain industry awareness and knowledge of evolving security and risk management standards, to include DOD and NGA policies, procedures and regulations, and communicate and apply relevant changes to existing processes.
+ Ensure proper use of remote access connectivity from NGA to Background Investigations systems approved by NGA’s CIO-T office, and maintained in accordance with NGA’s policy and procedures.
+ Ensure File Transfer Protocol (FTP) connections from NGA to the Background Investigation system meet NGA and NIST requirements.
+ Ensure site-to-site Virtual Private Network (VPN) tunnels are established based on NGA and DOD requirements.
+ Ensure NGA approved documentation of all interconnections with systems in the SIS footprint connected to NGA infrastructures.
+ Conduct audits on computer systems to detect, prevent, and record computer use and abnormalities. Report to Information System Security Officer (ISSO) or Information System Security Manager (ISSM) any attempts by non-authorized users to access SIS systems and provide monthly logs to NGA.
+ Ensure data is being protected in accordance with NGA and DOD policies, standards, regulations, and procedures for the SIS specified systems.
+ Coordinate the use of multiple security countermeasures to protect the integrity of the information assets in the SIS systems enterprise (i.e. firewalls, access control, auditing, etc.) in accordance with accreditation standards using NIST’s Intelligence Community Directive (ICD) 503.
+ Develop, update, and ensure security policy and procedures follow the accreditation standards using the NIST’s ICD 503, Risk Management Framework (RMF), and categorizing methods.
+ Ensure the protection of the security system through implementation of security controls that protect against malicious behavior, to include intrusion, tampering and virus detection.
+ Ensure documentation of specific equipment restrictions, to include documentation on all interconnections required for all SIS systems.
+ Ensure no personal computers, peripherals or other agencies' computers, not authorized by NGA CIO-T, will be used across interconnection or on NGA Networks.

**Required:**

+ TS/SCI clearance and must be willing to undergo a polygraph exam.
+ Bachelor’s Degree or equivalent experience in a related field to security engineering.
+ Minimum of 3-6 years of experience.
+ Experience in assessing systems using NIST 800-53 and DISA STIGs and SRG.
+ DOD 8070/8140 Compliant, CompTIA Security+ certified.
+ Efficient with RMF Package development, including POAM (mitigation statements), Security plans, Risk assessment, system/site policies, procedures and processes, architecture.
+ Windows Operating systems.
+ AWS Services.

**Desired:**

+ Testing Security Test Cases for NIST 800-53 Security Controls
+ Nessus & DISA STIG Remediation
+ Troubleshooting system issues
+ Linux Operating systems

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters (https://postings.govdocs.com/#/vxSkbztPuAwwxfs).