Senior Cybersecurity Engineer (Incident Response)

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Headquartered in Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents.

Amentum is seeking a Senior Cybersecurity Engineer with focus on Incident Response. This is a fully remote and hands-on role, responsible for ensuring Amentum assets are protected from cyber threats.This role provides technical expertise in multiple areas of cybersecurity to include Cloud Security and Endpoint Security. US Citizenship is required to apply. You may work remote-telework from anywhere within the United States.

Responsibilities:

• Work closely with our MSSP to monitor and improve Incident Response services.
• Design, develop and implement security controls to protect information systems, enterprise applications and data.
• Participate in 2nd-level Security Operations Center (SOC) activities, e.g. respond to critical security incidents escalated by a MSSP.
• Analyze, troubleshoot and investigate security-related IT system anomalies based on platform reporting, network traffic, log files and automated security alerts.
• Optimize processes/tooling and automate recurring tasks.
• Provide security oversight and coordination for changes to the IT landscape.
• Provide off-hours support on an infrequent, but as needed basis.
• Maintain and update relevant system and process documentation.
• Perform other duties as assigned.

Knowledge, Skills and Abilities:

• Self-starter with desire for professional excellence, able to work with minimal supervision.
• Excellent communication skills, able to prioritize and adapt to dynamic changes in the environment.
• Ability to travel up to 10%.

Minimum Requirements:

• Must be a U.S. Citizen
• Bachelor’s degree in Computer Science, Information Systems or related field plus five (5) years of relevant experience; three (3) years with a Master’s degree
• Current Security+ or similar industry certification
• Solid Microsoft Azure experience, including M365
• Solid understanding of system and network security technologies and related concepts, e.g. boundary protection, network segmentation, firewalls, endpoint security, threat hunting, data protection
• Effective time management and communication skills
• Experience in Incident Management and Breach Investigations
• Experience creating playbooks and detection automations
• Experience in Threat Intelligence/Hunting using KQL
• Experience in SIEM Management

Additional desired qualifications and experience:

• Exposure to Microsoft Sentinel
• Experience with NIST based controls or similar standard
• Experience in forensics
• Azure GCC-H exposure

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.