Senior Security Systems Engineer (16742)
Amentum is seeking an experienced Senior Security Systems Engineer to join our team. Amentum is a trusted partner to U.S. federal government agencies, allied governments and corporations worldwide supporting critical programs of national significance across defense, security, intelligence, energy, and environment. Headquartered in Germantown, MD., we are more than 20,000 professionals in 48 states and 28 foreign countries and territories working together to ensure the success of our customers’ most vital missions. Responsibilities for this position include:
- Author DoD IA Assessment and Accreditation (A&A) artifacts.
- Document a system from IA perspective using Microsoft Office including MS Word, MS Excel, MS Visio and other appropriate tools.
- Derive, document and/ or identify system CONOPS for Mission Assurance Categorization per DoD I 8500.2.
- Lead the research, recommend and document logical and physical solutions that prevent, detect and correct the system to be certified and accredited.
- Research and apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations.
- Lead the identification of disagreements between as built specifications, security requirements and DoD security policies and design implementations to bring the system into compliance.
- Plan, Develop, execute and document results of security test procedures.
- Lead the analysis and testing of a designated US Naval warfare system against known vulnerabilities based upon security approaches and known hacker techniques and exploits.
- Lead and perform as Information Assurance Officer to be focal point for all security matters related to specific sets of information systems.
- Lead the preparation and execution and Information Assurance Vulnerability Management (IAVM) Plan.
- Lead the preparation and production of a System Security Administrator and Operators Manual (SSAOM).
- Lead obtaining Authorization To Operate (ATO) and resolve issues in the event a US Naval Warfare system is issued an Interim Authorization To Operate (IATO).
- Lead the technical support effort in identifying and specifying requirement and performing risk assessments.
- Bachelor’s degree from an accredited college or university in an engineering, scientific, business, or technical discipline.
- Seven (7) year of cybersecurity/Information Assurance/Risk Management Framework (RMF) experience.
- Must be a U.S. Citizen and have an active Top Secret security clearance and/or SCI Eligible.
- Must be a certified Navy Qualified Validator (NQV) Level II or Level III per DoD 8570.01, or a Fully Qualified Marine Corps Validator, or a successor below:
- SLBM – Seven (7) years of or for SLBM experience.
- All other Programs/WE is Five (5) years program specific experience.
- When performing as an Information Assurance Office (ISSO) or Information Systems Security (ISSE) Officer, an NQV Level II or Level III certification per DoD 8570.01, or successor, must be held and maintained. If perfoming as a Privileged User (Individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, IAO/ISSO, system programmers, etc) a final adjudicated Single Scope Background Investigation (SBBI) with an IT level-1 designation in JPAS must be achieved and maintained.
- Must have 5 or years of engineering experience on Aegis, SSDS, or Zumwalt combat systems.
- Possess an in-depth understanding of computer security, military system specifications, DoD IA policies for both land based, afloat/tactical systems, or SSP CSSE, and the ability to communicate clearly and succinctly in written and oral presentations.
- For afloat/tactical systems support, the contractor shall have combat weapons systems knowledge.
- For SLBM the support shall also have prior experience using the SSP Validator handbook.
- Experience in executing all aspects of the Systems Engineering Technical Review (SETR) Process.
- Possess an in-depth understanding and experience in Risk Management Framework (RMF), Platform IT (PIT), and the implementation of Cyber Security and IA boundary defense techniques and various IA-enabled appliances. The appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS) and a Host Based Security Systems (HBSS).