Remote (Global) Full-time

Amentum is hiring a Senior Cybersecurity Engineer

About the Role

Amentum is seeking a Senior Cybersecurity Engineer with a focus on Incident Management. This is a remote-telework, hands-on role responsible for ensuring Amentum's assets are protected from cyber threats. You will provide technical expertise across multiple areas of cybersecurity, including Cloud Security and Endpoint Security.

What You'll Do

  • Work closely with our MSSP to monitor and improve Incident Response services.
  • Design, develop, and implement security controls to protect information systems, enterprise applications, and data.
  • Participate in 2nd-level Security Operations Center (SOC) activities, such as responding to critical security incidents escalated by an MSSP.
  • Analyze, troubleshoot, and investigate security-related IT system anomalies based on platform reporting, network traffic, log files, and automated security alerts.
  • Optimize processes and tooling and automate recurring tasks.
  • Provide security oversight and coordination for changes to the IT landscape.
  • Provide off-hours support on an infrequent, but as-needed basis.
  • Maintain and update relevant system and process documentation.
  • Cover other assignments as needed.

What We're Looking For

  • Must be a U.S. Citizen.
  • Bachelor’s degree in Computer Science, Information Systems, or a related field.
  • Typically, five (5) years of relevant experience; three (3) years with a Master’s degree.
  • Experience in Incident Management and Breach Investigations.
  • Experience creating playbooks and detection automations.
  • Experience in Threat Intelligence/Hunting using KQL.
  • Experience in SIEM Management.
  • Current Security+ or similar industry certification.
  • Solid Microsoft Azure experience, including M365.
  • Solid understanding of system and network security technologies and related concepts (e.g., boundary protection, network segmentation, firewalls, endpoint security, threat hunting, and data protection).

Nice to Have

  • Exposure to Microsoft Sentinel is desired.
  • Experience with NIST-based controls or similar standards is desired.
  • Experience in incident response forensics is desired.
  • Azure GCC-H exposure is desired.

Technical Stack

  • Microsoft Azure
  • M365
  • KQL
  • SIEM
  • Microsoft Sentinel

Work Mode

This is a remote-telework position.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

Required Skills

  • Microsoft Azure
  • M365
  • KQL
  • SIEM
  • Microsoft Sentinel
  • Cybersecurity Engineering
  • Threat Hunting
  • Incident Response
  • Security Monitoring
  • Cloud Security
  • Scripting
  • Automation
  • Security Architecture
  • Vulnerability Management
  • Compliance

About company
Amentum

Amentum is a global technical and engineering services company specializing in defense, government, and commercial sectors with focus on logistics and technical support.

Job Details
Category security
Posted 7 months ago