Job Information
Amentum Cybersecurity Risk Analyst in Des Moines, Iowa
Amentum seeks a Cybersecurity Risk Analyst.
Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Headquartered in Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents.
The Cybersecurity Risk Analyst role is a remote-telework position that supports our governance, risk, information assurance. and compliance (R&C) arm of the cybersecurity team. This role supports Amentum’s data protection requirements through the assessment of controls and working with teams through the mitigation process. Qualified candidates will need a versatile skill set that emphasizes regulatory comprehension, technology, effective collaboration, critical thinking, analytical prowess, risk management, and strong communications skills. US Citizenship is required to apply. This is a remote-telework role.
Essential Responsibilities:
Develop Assessment and Authorization (A&A) packages for various systems.
Oversee cybersecurity change management and end user support for compliance and risk.
Craft, validate, and document necessary cybersecurity information such as System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary.
Perform cyber assessments and audits as directed.
Lead discussions with various teams, both internal and external, around data compliance and risk efforts.
Provide expertise to system administrators, engineers, and Information System Security Manager (ISSM) to create or update system/site policies, procedures, and process guides.
Consult with and brief executive management on compliance and risk matters.
Create, maintain, and provide metrics and status reports to cybersecurity leadership.
Travel up to 25%.
Perform all other position related duties as assigned or requested.
Knowledge, Skills, and Abilities:
Demonstrated experience in technology assessments, handling multiple assignments and finding mutually acceptable solutions to security problems, preferably within the defense or government contracting industry
Demonstrated experience recommending and devising cybersecurity controls to mitigate risk
Demonstrated experience in policy research and applying it to developing policies and procedures related to cybersecurity technology
Knowledge of DFARS and NIST publications and their relevancy to compliance and risk.
Demonstrable strong written and verbal communications.
Minimum Qualifications:
Must be a U.S. Citizen
Bachelor’s degree in IT, Cybersecurity, or a related field. Two years in related field can be substituted for each year of the four years of college.
Minimum of five (5) years of experience in performing cybersecurity assessments to include three years of hands-on experience in IT risk management or three years of cybersecurity in Federal Government environments
Certification of one of the following:
CompTIA Network+, Security+ certified or equivalent
CISSP
Microsoft Azure Security Engineer Associate certified or equivalent
Experience with common cybersecurity tools and platforms such as Nessus, Microsoft GCCH / O365, Microsoft Azure Gov, Microsoft Defender, Fireeye products, email protection platforms, and Palo Alto products.
Ability to read, understand, and document network infrastructure in logical diagrams, data flow diagrams, security boundaries.
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans (https://www.dol.gov/agencies/ofccp/posters) and Labor Laws Posters (https://protect-us.mimecast.com/s/MI5TC2kqOqsOBPMVfnZ32U) .