Security Engineer (16745)
Amentum is looking for an experienced Security Engineer to join our team. Amentum is a trusted partner to U.S. federal government agencies, allied governments and corporations worldwide supporting critical programs of national significance across defense, security, intelligence, energy, and environment. Headquartered in Germantown, MD., we are more than 20,000 professionals in 48 states and 28 foreign countries and territories working together to ensure the success of our customers’ most vital missions. Responsibilities for this position include:
1. Author DoD IA Assessment and Accreditation artifacts.
2. Document a system from an IA perspective using Microsoft Office including MS Word, MS Excel and MS Visio and other appropriate tools.
3. Derive, document and/or identify system CONOPS for Mission Assurance Categorization per DoDI 8500.2.
4. Research and recommend logical and physical solutions that prevent, detect and correct the system to be certified and accredited.
5. Apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations.
6. Identify disagreements between as built specifications, security requirements and DoD security policies and recommend approaches to bring the system into compliance.
7. Author and revise system requirements and specifications to meet DoD security policies.
8. Perform vulnerability tests as Red Team and Blue Team using manual techniques, Assured Compliance Assessment Solution (ACAS) and other similar and appropriate IA and security tools.
9. Plan, execute and document risk assessments against known vulnerabilities based upon security approaches and known hacker techniques and exploits.
10. Identify and perform security analysis of connectivity relationships between the subject US Naval warfare system and the equipment to which it interfaces, both physically and virtually.
11. Lead and perform as Information Assurance Officer to be focal point for all security matters related to specific sets of information systems.
12. Define an Information Assurance Vulnerability Management (IAVM) Plan.
13. Plan, execute and document results of security tests.
Bachelor’s degree from an accredited college or university in an engineering, scientific, business, or technical discipline and five (5) years of experience as well as:
- (a) 5 years’ experience in analyzing and securing DoD or Information Technology systems for compliance with specifications, requirements and policies.
1. At least six (6) Security Engineers shall have at least (2) of the five (5) years of engineering experience on Combat Weapons Systems experience in Aegis, SSDS, or Zumwalt combat systems.
- (b) Certified as IAT Level II or Level III per DoD 8570.01, or successor. When performing as an ISSO or ISSE, an NQV Level II certification per DoD 8570.01, or successor, must be held and maintained.
- (c) If performing as a Privileged User (Individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, IAO/ISSO, system programmers, etc.)) a final adjudicated Single Scope Background Investigation (SSBI) with an IT level-1 designation in JPAS must be achieved and maintained.
- (d) At least two (2) Intermediate Navy Qualified Validator. (see Mandatory Requirement C.12.0)
- (e) Understanding of computer security, military system specifications, DoD IA policies for both Land Based and afloat/tactical systems, and the ability to communicate clearly and succinctly in written and oral presentations.
- (f) At least One (1) Security Engineer shall have Top Secret Clearance.