Cybersecurity Engineer IV, Vulnerability Management

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Headquartered in Northern Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents.

Amentum is seeking a Cybersecurity Engineer IV with a focus on Vulnerability Management. This is a fully remote and hands-on role, responsible for ensuring Amentum assets are protected from cyber threats. This role provides technical expertise in multiple areas of cybersecurity to include Cloud Security, Endpoint Security and Incident Response. Must be a US Citizen to apply. You may work remote-telework from anywhere within the USA.

Responsibilities:

• Review, design, implement and support all aspects of Vulnerability Management, including tooling, processes, reporting and policies for all assets of the company (endpoints, servers, networks, cloud, …), in close collaboration with IT and Projects.
• Participate in the design and execution of quarterly Penetration Tests.
• Stay up to date on current and emerging threats, work proactively with affected product owners.
• Analyze and prioritize existing vulnerabilities and baseline violations.
• Closely track remediation and adherence to the related service-level agreement (SLA).
• Work with IT do define potential compensating controls.
• Manage vulnerability scanning of web-based applications.
• Ensure proper management of End-of-Life assets.
• Participate in 2nd-level Security Operations Center (SOC) activities, e.g. respond to critical security incidents escalated by a MSSP.
• Design and improve security controls protecting our users, information systems, enterprise applications and data.
• Analyze, troubleshoot and investigate security-related IT system anomalies based on platform reporting, network traffic, log files and automated security alerts.
• Optimize processes/tooling and automate recurring tasks.
• Provide security oversight and coordination for changes to the IT landscape.
• Provide off-hours support on an infrequent, but as needed basis.
• Maintain and update relevant system and process documentation.

Knowledge, Skills, and Abilities: 

• Familiarity with Attack Surface Reduction strategy for areas of exposure and entry points.
• Good understanding of Penetration Tests.
• Solid understanding of system and network security technologies and related concepts, e.g. boundary protection, network segmentation, firewalls, endpoint security, threat hunting, data protection.
• Effective time management and communication skills.
• Self-starter with desire for professional excellence; able to work with minimal supervision.
• Excellent communication skills, able to prioritize and adapt to dynamic changes in the environment.

Minimum requirements:

• Must be a U.S. Citizen
• Must live in the USA
• Bachelor’s degree in Computer Science, Information Systems or related field plus 8 years of relevant experience; 5 years with a Master’s Degree
• Current CISSP or similar industry certification
• Solid experience in Vulnerability Management
• Experience with zero-day vulnerability management lifecycle and reporting
• Solid Microsoft Azure experience, including M365
• Ability to travel up to 10%

Desired qualifications and experience:

• Experience with Tenable/Nessus
• Good understanding in related policies and regulations, e.g. NIST, ISO 27001
• Azure GCC-H exposure

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.