Senior Cybersecurity Engineer - Vulnerability Management

Amentum seeks a Senior Cybersecurity Engineer (Vulnerability Management).

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Headquartered in Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents.

Amentum is seeking a Senior Cybersecurity Engineer with a focus on Vulnerability Management. This is a remote-telework hands-on role, responsible for ensuring Amentum assets are protected from cyber threats. This role provides technical expertise in multiple areas of cybersecurity to include Cloud Security, Endpoint Security and Incident Response.

Responsibilities:

• Cover all aspects of Vulnerability Management, including tooling, processes, reporting and policies for all assets of the company (endpoints, servers, networks, cloud, …).
• Participate in the design and execution of quarterly Penetration Tests.
• Stay up-to-date on current and emerging threats, work pro-actively with affected product owners.
• Analyze and prioritize existing vulnerabilities and baseline violations.
• Closely track remediation and adherence to the related service-level-agreement (SLA).
• Closely work with product and service owners do define compensating controls.
• Manage vulnerability scanning of web-based applications, including remediation tracking with system owners.
• Ensure proper management of End-of-Life assets.
• Participate in 2nd-level Security Operations Center (SOC) activities, e.g. respond to critical security incidents escalated by a MSSP.
• Design and improve security controls protecting our users, information systems, enterprise applications and data.
• Analyze, troubleshoot and investigate security-related IT system anomalies based on platform reporting, network traffic, log files and automated security alerts.
• Optimize processes/tooling and automate recurring tasks.
• Provide security oversight and coordination for changes to the IT landscape.
• Provide off-hours support on an infrequent, but as needed basis.
• Maintain and update relevant system and process documentation.
• Cover other assignments as needed.

Knowledge, Skills, & Abilities:

• Familiarity with Attack Surface Reduction strategies for common entry points.
• Good understanding of Penetration Tests.
• Solid understanding of system and network security technologies and related concepts, e.g. boundary protection, network segmentation, firewalls, endpoint security, threat hunting, data protection.
• Effective time management and communication skills.
• Self-starter with desire for professional excellence, able to work with minimal supervision.
• Excellent communication skills, able to prioritize and adapt to dynamic changes in the environment.

Minimum Qualifications:

• Must be a U.S. Citizen.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or related field plus 5 years of relevant experience; 3 years with a Master’s degree.
• Solid experience in Vulnerability Management.
• Experience with zero-day vulnerability management lifecycle and reporting.
• Experience in Cybersecurity related incident management.
• Current Security+ or similar industry certification.
• Solid Microsoft Azure experience.
• 100% remote-telework from anywhere within the US.
• Ability to travel up to 10%.

Desired qualifications and experience:

• Experience with Tenable/Nessus/Rapid7 is preferred.
• Good understanding in related policies and regulations, e.g. NIST, ISO 27001 is desired.
• Azure GCC-H exposure is a plus.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed,  marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.