Amentum is seeking a Cyber Security SME - Information System Security Manager (ISSM) in Eielson AFB, AK in support of a Department of Defense (DoD) customer. In this role, you will be responsible for ensuring the required operational security posture is maintained for various DoD information systems. You will lead the evaluation and implementation of advanced security technologies, including zero trust architectures and cloud security controls. You will play an active role in monitoring systems and their environment of operation to include developing and maintaining Authorization and Authentication (A&A) Packages.
The duties and responsibilities described below are typical though not necessarily all inclusive.
Duties and Responsibilities:
- Work closely with Information Technology department to establish and administer appropriate security systems, policies, standards, and procedures in compliance with applicable government and corporate directives, guidelines, and contractual obligations.
- Ensure network security and compliance on the business operational network in accordance with corporate policies and industry best practices.
- Review compliance with DoD 8570, NIST 800-53/FISMA, C&A, DIACAPS, POAMS and other audit and security requirements, when applicable, for customer supported infrastructure.
- Ensure security policies, standards, and procedures are enforced.
- Configure and maintain firewalls and other security and intrusion detection devices.
- Optimize IT infrastructure auditing and monitoring capability to analyze incident and event notifications.
- Manage and verify COOP/DR capabilities for the business operational network theater-wide.
- Coordinate information security inspections, tests, and reviews of corporate systems.
- Update and maintain procedures for operation of secure IT assets.
- Conduct audits and analysis of software and hardware used on the corporate network.
- Conduct investigations of actual or suspected security violations, coordinate forensics as required, and report results of such incidents and investigations to appropriate personnel.
- Establish and conduct effective security awareness and education programs for corporate employees.
- Maintain awareness of changes to DoD cybersecurity and other applicable policies and update local policies as needed.
- Review system security audit logs on standalone and networked systems.
- Utilize Tenable Nessus scanning tools to identify system vulnerabilities and STIG compliance. Work with IT to remediate all identified vulnerabilities and deficiencies.
- Provide required system security training.
- Perform annual RMF self-inspections for all supported systems.
- Develop and update (as needed) A&A packages and associated artifacts.
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM/AO/DAO.
- Ensure systems are operated, maintained, and disposed of in accordance with DoD and local security policies and procedures.
- Support Information System Incident Response in accordance with the DoD and local Incident Response Plan.
- Perform duties as Media Custodian.
- Interface and advise system stakeholders on all system security related matters.
Minimum Qualifications:
- Six (6) years of experience in cybersecurity, with a proven track record in risk management, threat mitigation, and security strategy development.
- At least 2 years previous experience as an ISSO/ISSM or another organizational equivalent.
- Possess Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other DoD 8570 IAM III-compliant approved baseline certification, or the ability to obtain one within six (6) months.
- MCSE/MCSA and/or CCNA desired.
- Proven oral and written communications skills including presentation development and delivery for clients.
- Must have and be current in at least one of the following certifications to meet DoD 8570.
- Experience in processing Risk Management Framework (RMF) packages within XACTA.
- Familiarization with installing, configuring, maintaining, and troubleshooting operating system platforms such as Windows 10/11 and Windows Server 2019 to include security configuration knowledge of group and local policies. (Preferred).
- Technical and professional writing expertise; experience with MS Office products.
- Experience in information security that includes configuration of workstations and servers for proper security settings.
- Ability to obtain and maintain an active Top Secret with SCI eligibility US Government clearance. Note: US Citizenship is required to maintain a Top Secret Clearance.
Preferred Qualifications:
- Bachelor’s degree in a Cybersecurity or IT-related field.
- Extensive knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001), compliance regulations, and industry best practices.
- Exceptional communication skills with the ability to convey complex security topics to executive leadership and non-technical stakeholders.
- Experience in leading cybersecurity teams and advising C-level executives on security investments and risk management priorities.
- Advanced knowledge of emerging security technologies, cloud security, and threat intelligence.
Other Requirements:
- This is a non-remote, full-time on-site position.
- Must be able to lift up to 50 pounds on an occasional basis.
- Minimal travel is required (0-10%).
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.
What We Do
Amentum is a premier global technical and engineering services partner supporting critical programs of national significance across defense, security, intelligence, energy, and environment. We draw from a century-old heritage of operational excellence, mission focus, and successful execution underpinned by a strong culture of safety and ethics. Headquartered in Germantown, Md., we employ more than 20,000 people in 48 states and 28 foreign countries and territories. Visit us at amentum.com to explore how we deliver excellence for our customers’ most vital missions.