Senior Cybersecurity Engineer

Amentum seeks a Senior Cybersecurity Engineer (Incident Response).

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Headquartered in Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents.

Amentum is seeking a Senior Cybersecurity Engineer with focus on Incident Management. This is a remote-telework hands-on role, responsible for ensuring Amentum assets are protected from cyber threats. This role provides technical expertise in multiple areas of cybersecurity to include Cloud Security and Endpoint Security. US Citizenship is required.

Responsibilities:

• Work closely with our MSSP to monitor and improve Incident Response services.

• Design, develop and implement security controls to protect information systems, enterprise applications and data.

• Participate in 2nd-level Security Operations Center (SOC) activities, e.g. respond to critical security incidents escalated by a MSSP.

• Analyze, troubleshoot and investigate security-related IT system anomalies based on platform reporting, network traffic, log files and automated security alerts.

• Optimize processes/tooling and automate recurring tasks.

• Provide security oversight and coordination for changes to the IT landscape.

• Provide off-hours support on an infrequent, but as needed basis.

• Maintain and update relevant system and process documentation.

• Cover other assignments as needed.

Knowledge, Skills and Abilities:

• Effective time management and communication skills.

• Self-starter with desire for professional excellence, able to work with minimal supervision.

• Excellent communication skills, able to prioritize and adapt to dynamic changes in the environment.

• Ability to travel up to 10%.

Basic Qualifications:

• Must be a U.S. Citizen.

• 100% Remote-telework role.

• Bachelor’s degree in Computer Science, Information Systems or related field.

• Typically, five (5) years of relevant experience; three (3) years with a Master’s degree.

• Experience in Incident Management and Breach Investigations.

• Experience creating playbooks and detection automations.

• Experience in Threat Intelligence/Hunting using KQL.

• Experience in SIEM Management.

• Current Security+ or similar industry certification.

• Solid Microsoft Azure experience, including M365.

• Solid understanding of system and network security technologies and related concepts, e.g. boundary protection, network segmentation, firewalls, endpoint security, threat hunting and data protection.

Additional desired qualifications and experience:

• Exposure to Microsoft Sentinel is desired.

• Experience with NIST based controls or similar standards is desired.

• Experience in incident response forensics is desired.

• Azure GCC-H exposure is desired.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed,  marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.