Cyber Security Analyst (mid)

    • Amentum
  • Newport News, VA
  • Posted 48 days ago | Updated 7 hours ago


On Site
Full Time


Risk management framework
Certification and accreditation
Standard operating procedure
Cyber security
IT infrastructure
Network security
Risk management
Information systems
Access control
Status reports
Information assurance
System security
Computer hardware
Regulatory Compliance
Preventive maintenance
Enterprise resource planning
Security clearance

Job Details

This position is not currently funded and is contingent upon the award of a new contract to Amentum. At this time, Amentum is seeking candidates to fulfill contingent roles. The expected award timeframe is Fall/Winter 2024.

The Cyber Security Analyst will protect hardware, software, and networks from cybercriminals. The analyst's primary role is to understand The U.S. Army's IT infrastructure in detail, to always monitor it, and to evaluate threats that could potentially breach the network. The Cyber Security Analyst continuously looks for ways to enhance company network security and protect its sensitive information.

The Cyber Security Analyst is also responsible for:
  • Performs duties related to Authorization and Accreditation (A&A) and the Risk Management Framework ('RMF) lifecycle
  • Supports the development, review and management of certification and accreditation documentation to ensure it is compliant with RMF standards
  • Develops guidance and assists associates through the RMF phases
  • Performs Risk Management and testing of Federal Information System Controls Audit Manual (FISCAM) and RMF controls in order to maintain the information system's security posture
  • Maintains system accreditation status, develops reports, and alerts system proponents when accreditation documentation must be updated
  • Supports the organization's program that implements information systems security technology and procedures, to include access control and authentication of users and transmitted information
  • Prepares, distributes, and maintains plans, instructions, guidance, and standard operating procedures (SOPs) on the security of information systems
  • Conducts system vulnerability (i.e. ACAS) and STIG compliance scanning, as well as, reviews, and analyzes vulnerability status reports
  • Reviews threats and vulnerabilities to assess risks, and determines effective measures to minimize such risks
  • Identifies resources to be protected
  • Recommends security mitigation actions to improve the security posture of PM systems
  • Reviews Army and DoD policy and develops local policy and procedures that implement the Army and DoD's Information Assurance subprograms and initiatives
  • Reviews and evaluates system and network changes for cybersecurity impact and effect on confidentiality, integrity, availability and overall system security posture

Minimum requirements:
  • Bachelor's degree and 8-10 years of experience in Information Assurance and Cyber operations, or equivalent
  • Required certifications: CISM, CISSP (or Associate), GSLC DoD 8570.01-Manual IAM Level III baseline certification required
  • Experience with eMASS. Experience with ERP programs, HBSS, Fortify, and ACAS/Retina/Nessus
  • Meets DoDD 8570 Certification requirements
  • 5+ years of verifiable DOD experience with RMF, cybersecurity, segregation of duties and IT controls in support of DOD ERP auditability
  • Additionally, Splunk and Arcsight proficiency required for some personnel
  • Must have an active secret US government clearance. Note: ship is required to maintain a secret clearance.a

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.