System Security Engineer

Amentum is seeking a highly skilled System Security Engineer to support the design, implementation, and ongoing operations of enterprise security tools-including ACAS (NessTenable.sc), Trellix ePO (formerly McAfee ePolicy Orchestrator), and Microsoft Endpoint Configuration Manager (MECM/SCCM)-in a Department of Defense (DoD) environment. The successful candidate will play a critical role in enhancing cybersecurity posture, ensuring system compliance, and supporting vulnerability management and endpoint protection initiatives across a large-scale enterprise network as part of a team prototyping a next-generation collaboration capability for the Department of Defense

We value candidates who are detail-oriented while also being able to think and react quickly to emerging and unique problem sets. You'll be expected to work onsite, have a strong work ethic, and possess the ability to work as a critical member of our team.

Responsibilities:

• Design and Architect Security Tool Deployments:
  
  • Develop and maintain secure, scalable architecture for ACAS, Trellix, and MECM solutions in classified and unclassified DoD environments.
  • Ensure tool integration with existing enterprise systems and SIEMs (e.g., Splunk, ArcSight).
• Implementation and Configuration:
  
  • Configure and deploy ACAS (Tenable.sc and Nessus) for automated vulnerability scans and compliance assessments.
  • Install, configure, and optimize Trellix ePO and associated modules (DLP, ENS, HIPS).
  • Set up and manage MECM infrastructure for patch management, endpoint deployment, and compliance monitoring.
• Operations and Monitoring:
  
  • Perform regular vulnerability scans, analyze findings, and generate risk-based remediation reports.
  • Monitor endpoint security posture, respond to alerts, and maintain up-to-date AV/AM/EDR policies.
  • Support patching cycles, software deployments, and inventory tracking via MECM.
• Security Compliance and Documentation:
  
  • Ensure systems are compliant with DoD STIGs, RMF/NIST 800-53 requirements, and DISA mandates.
  • Maintain documentation for configurations, processes, POA&Ms, and system security plans (SSPs).
  • Assist with audit preparation, system hardening, and control implementation.
• Cross-Team Collaboration:
  
  • Work closely with cybersecurity, systems, and network teams to identify threats and improve security posture.
• Use JIRA and Confluence tools to track assigned tasks and update progress and completion status
• Implement and maintain Government standards for system security
• Liaise with vendors and other IT personnel for problem resolution

Requirements:

• IAT Level II or higher certification (e.g., Security+ CE, CySA+, CASP+, CISSP, or equivalent)
• 7-10+ years of experience supporting security tools in DoD or Federal IT environments
• Proven hands-on experience with:
  
  • ACAS (Tenable.sc, Nessus)
  • Trellix ePO (formerly McAfee) and its endpoint protection modules
  • MECM/SCCM for patching, imaging, and software deployment
• Familiarity with DoD cybersecurity policies, STIGs, and RMF processes
• Experience with Microsoft Office applications such as Excel, Word, Outlook, and SharePoint
• Exceptional attention to detail; excellent verbal and written communication skills; strong organizational skills; critical thinking and problem-solving skills
• Ability to work both independently and as part of a team in a dynamic environment.
• Ability to travel up to 25%

Clearance Required:

• Active TS clearance with SCI eligibility

Minimum Education:

• HS Diploma

Minimum Years of Experience:

• 7-10+ years of related experience

Required Certifications:

• Must meet DoD 8570.01-M IAT-II or IAM-I baseline certification requirements such as Security + or equivalent
• Certified in accordance with Cyber Workforce Management Program DoDD 8140.1 and DoD 8570.01-M

Preferred:

• MCSE Certification
• BS in Computer Science or related technical degree
• Experience supporting cross-domain solutions or classified networks
• Experience supporting Cisco UCS Computing Servers, Hyperflex environment
• Experience support VMware ESXi and Nutanix Hypervisor Environment
• Experience with HBSS migration or Trellix-to-CrowdStrike transitions
• Understanding of EDR/XDR and Zero Trust principles
• Knowledge of SIEM tools and log integration with ACAS/Trellix
• Familiarity with Agile Scrum methodologies and JIRA/Confluence tools
• Experience developing IT checklists, SOPs, guides, etc

#javelin

Pay Transparency Verbiage
Amentum's health and welfare benefits are designed to invest in you and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company's 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus.

The base salary range for this position is $165,000 to $180,000. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.