Amentum

Expert Security Engineer

$185–200k Springfield, Virginia, United States FULL TIME

The Brief

“Expert Security Engineer at Amentum. Skills: Security Subject Matter Expert, Risk Management Framework, Assessment & Authorization, NIST SP 800-53. Bridge gap between security policies and technical implementation. Apply RMF security controls into test plans”

What You'll Achieve.

Ensure system designs meet security objectives; Safeguard mission-critical systems; Reduce organizational risk; Ensure resilience of enterprise capabilities; Securely deliver operations; Protect integrity and availability of technological infrastructure; Meet required security compliance objectives

Industry & Context.

Problems you'll solve

Mitigating vulnerabilities; Mitigation and management of Plan of action and Milestones (POA&Ms); Mitigate customer system vulnerabilities; Recommendations for compliance

Eligibility Requirements

  • TS/SCI w/Poly
  • Drug-free workplace
  • Comply with company drug and alcohol policies
  • Successful completion of drug screening process
  • Pre-hire screening for marijuana
  • Compliance with federal controlled substances policies
  • Safety culture
  • Complete all training requirements
  • Fulfill self-aid/buddy aid responsibilities
  • Participating in emergency response tasks
  • Serving on safety committees and teams
  • Conform to Amentum Quality Policy
  • Carry out job activities in compliance with Amentum Quality System documents
  • Read and understand Quality Management and Customer Satisfaction responsibilities
  • Read, understand and implement operational, safety, quality and environmental requirements
  • Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status

What They're Looking For.

Must Have

  • Bridge the gap between high-level security policies/requirements and technical/operational implementation of those requirements
  • Apply Risk Management Framework (RMF) security controls in accordance with regulatory policies
  • Serve as the security subject matter expert (SME) and manage the execution of systems security activities for multiple applications
  • Provide guidance to teams on the A&A Process to include: related security documentation such as systems concept of operations, system security design, implementation plans, operational procedures, and maintenance training System Security Plan (SSP); System Test Plan
  • Provide support to development teams for mitigation and management of Plan of Action and Milestones (POA&Ms)
  • Conduct assessments of existing IT architecture for compliance with security requirements in accordance with regulatory security frameworks (IAW NIST SP 800-53 Rev. 4)
  • Provide engineering support and assistance to authorization/accreditation test and evaluation activities
  • Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives
  • Conduct and review security scans
  • Track and mitigate customer system vulnerabilities
  • Participate in IAVA Testing and provide recommendations of baseline acceptance of system patches
  • Ensure STIG compliance and mitigation
  • Provide continuous monitoring support for information systems
  • Assist with running vulnerability scans on various applications and provide recommendations for compliance

Nice to Have

  • XACTA 360 experience
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA CASP
  • Other IAT II Certification
  • Extensive experience with Security Framework regulations, to include: NIST 800-53 Rev4; ICD 503; CNSS 1253; RMF
  • Extensive experience with Plan of Action and Milestones (POA&Ms) and knowledge of appropriate corrective action for unacceptable risks
  • Experience with a variety of systems (e.g. desktop, cloud, etc.)
  • Knowledge of Enterprise Security Best Practices (IAW NIST 800-53 Rev4; ICD 503; CNSS 1253; RMF)
  • Applicable software/hardware/management training & certification (e.g., specialties like Amazon Web Service architect/engineering, ServiceNow/Service+)

What You'll Do.

Bridge gap between security policies and technical implementation

Apply RMF security controls into test plans

Manage systems security activities for applications

Provide guidance on A&A Process

Support development teams for POA&Ms mitigation

Assess IT architecture for security compliance

Provide engineering support for accreditation activities

Evaluate security architectures and designs

Conduct and review security scans

Track and mitigate system vulnerabilities

Participate in IAVA Testing

Ensure STIG compliance

Ensure integration compliance

Provide continuous monitoring support

Assist with vulnerability scans

Work closely with leadership

Conduct IT Disaster Recovery exercises

Maintain disaster recovery documentation

Management of software and updates

How You'll Work.

Team & Collaboration

Guiding development teams; Provide guidance to teams; Provide support to development teams; Work closely with leadership, engineers, admins, and developers

Full Job Description

**Purpose and Impact:** As the Security Subject Matter Expert, you will serve as the critical bridge between high-level security policies and their technical implementation, driving the Risk Management Framework (RMF) and Assessment & Authorization (A&A) lifecycle across multiple applications. Your primary purpose is to ensure that system designs inherently meet rigorous security objectives by evaluating IT architectures, guiding development teams, and enforcing compliance with NIST SP 800-53 and enterprise standards from concept to deployment.

In this role, your work directly safeguards mission-critical systems and reduces organizational risk. By proactively identifying, tracking, and mitigating vulnerabilities through continuous monitoring, STIG enforcement, and POA&M management, you ensure the resilience of enterprise capabilities. Your leadership in disaster recovery planning and IAVA compliance empowers engineers and developers to securely deliver operations, ultimately protecting the integrity and availability of our technological infrastructure.

**Work Schedule:** Work hours are 9am – 5pm, Monday through Friday.

**Essential Responsibilities:**

* Bridge the gap between high-level security policies/requirements and technical/operational implementation of those requirements.
* Apply Risk Management Framework (RMF) security controls in accordance with regulatory policies into formal system test plans.
* Serve as the security subject matter expert (SME) and manage the execution of systems security activities for multiple applications.
* Provide guidance to teams on the A&A Process to include: related security documentation such as systems concept of operations (ConOps), system security design, implementation plans, operational procedures, and maintenance training materials.
* Provide support to development teams for mitigation and management of Plan of Action and Milestones (POA&Ms)
* Conduct assessments of existing IT architecture for compliance with security

How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.
