Information System Security Engineer - Senior

Information System Security Engineer - Senior - (CIS0003IA) 

Your Impact:

 

As a Top Secret Information Systems Security Engineer (ISSE) for this program, you will be working in an organization that’s mission is to develop and operate the best possible software for critical national security enterprise applications. This organization leverages SCRUM and SAFE Agile software development methodology and strong Dev Ops practices. 

You will be responsible for the secure design, analysis, and test of information security systems and products. You will ensure technical documentation exists for all systems and is kept up to date to include system security plans, business impact analyses, continuity of operations plans, mitigations, authorized software lists, authorized hardware lists, and elevated user access list and roles. You will create and update security test plans for detecting and mitigating risk to information systems. engineer and perform tests and test plans to satisfy audits. You will evaluate, validate and implement solutions for mitigating information systems findings or risks. You will apply methods, standards and approaches for ensuring the baseline security safeguards are appropriately implemented and documented. You will advise on a range of security related activities such as establishing system boundaries, assessing the severity of system weaknesses and deficiencies, security alerts and potential adverse effects of vulnerabilities.

Responsibilities:

Responsible for the secure design, analysis, and test of information security systems and products. Ensure technical documentation exists for all systems and is kept up to date to include system security plans, business impact analyses, continuity of operations plans, mitigations, authorized software lists, authorized hardware lists, and elevated user access list and roles. Create and update security test plans for detecting and mitigating risk to information systems. engineer and perform tests and test plans to satisfy audits. Evaluate, validate and implement solutions for mitigating information systems findings or risks. Apply methods, standards and approaches for ensuring the baseline security safeguards are appropriately implemented and documented. Advise on a range of security related activities such as establishing system boundaries, assessing the severity of system weaknesses and deficiencies, security alerts and potential adverse effects of vulnerabilities.

Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others. Minimum of 8 years’ experience recommended. In absence of years of experience, certifications or past work may be used to show the level of experience needed to perform at this level.

 A typical day in the life on this program involves:
•  Serve as the principal advisor to provide expert knowledge of system functions, security policies, technical safeguards and operational security measures to include products and systems implemented on a Cloud infrastructure
•  Design, analyze, and test information security systems, products, cloud architectures and cloud solutions
•  Develop, implement and evaluate security controls, measure, and frameworks in cloud-based systems to ensure data integrity, confidentiality and availability 
•  Draft and keep updated security documentation and reporting 
•  Comply with all applicable security protocols 

 

Here's What You'll Need:

 

Requirements:
•    Active Top Secret clearance with SCI eligibility
•    Minimum of 4 years of related experience
•    Hold one of the following security certifications or equivalent: Security +, CGRC, CASP, CISSP 
•    Education: Associate's Degree 
o    In absence of degree, additional years of experience may be substituted for educational requirements 

Clearance Required: Top Secret with SCI eligibility

Minimum Education: 
Associate's Degree

In absence of degree, additional years of experience may be substituted for educational requirements

Minimum Years of Experience: 
Minimum of 4 years of related experience
Hold one of the following security certifications or equivalent: Security +, CGRC, CASP, CISSP

Preferred: 
• Be familiar with NIST 800-53 Rev. 5
• AWS/Azure
• JIRA/CONFLUENCE
• Agile Methodologies
• Expertise on Information Security Principles, processes and guidelines
• Able to obtain and maintain an Authority To Operate (ATO) for Information Systems.
• Analyze logs using Splunk and AWS tools
• Scanning tools such as Tenable Nessus
• Able to work on multiple projects with various timelines, at times very short deadlines.
• Certification in one or more of the following: CompTIA Network+, CPT: Certified Penetration Tester, CEPT: Certified Expert Penetration Tester, CREA: Certified Reverse Engineering Analyst, CEH: Certified Ethical Hacker, CWAPT: Certified Web Application Penetration Tester

#javelin

 Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans  and Labor Laws Posters. 

Primary Location

: United States-District of Columbia-Washington-20364-WDC2

Job Posting

: Mar 19, 2025, 10:27:15 PM

Job

: Information Technology

Organization

: CMS

Job Type

: ExperiencedJob Classification: Fulltime-Regular

Work Locations

: 20364-WDC2 .  Washington 20016Capabilities: Intelligence