Cyber Information Security Specialist (ISSM) Level 3

Job Title

Provides deployed security services across ZENITH program components for the full range of security disciplines, including personnel security, information security, operational security, program protection, compartment security, and physical security.

Job Description

Purpose and Impact: Provides deployed security services across ZENITH program components for the full range of security disciplines, including personnel security, information security, operational security, program protection, compartment security, and physical security. Program has six program teams working across four customer locations. Work Schedule: 8 hours per day x 5 days weekly. Essential Responsibilities: Cyber and Information Security Specialist (ISSM) Level 3 demonstrates substantive functional knowledge of all disciplines and requires almost no guidance.

• Cyber and Information Security Specialist (ISSM) Level 3 independently and consistently demonstrates comprehensive knowledge of all disciplines.
• INFOSEC Specialists/ISSM serve as a directorate level resource. INFOSEC Specialist/ISSM shall provide comprehensive Information Security (INFOSEC) assistance and oversight to customers throughout the mission space in their role supporting Sponsor Information Systems Security Managers (ISSMs). The INFOSEC Specialists coordinate with the ISSOs, who are collocated with Sponsor's Office Departments, or Programs, to ensure that INFOSEC policy and ISSM guidance is appropriately followed and documented, and deliver outcomes as follows:
• Review and analyze systems architecture diagrams and networks.
• Assess security system needs and provide corrective actions into a coherent security strategy.
• Support Assessment and Authorization (A&A) requirements and process and apply ICD 503, NISPOM, and other federal guidelines in support of systems used at contractor facilities.
• Help in the creations of new processes to support Sponsor and partners to advance security and lower risk:
• Cyber Reset - binning and profile system initiative. This is a major initiative to completely change the way assessments are conducted, and risks are presented in Sponsor system.
• Pilot and enhance Sponsor Front Office initiatives based on direct requests.
• Create custom documentations and step-by-step processes to streamline cyber risk reduction, security relevant changes, and help maintain the current understanding of Sponsor systems.
• Assist Sponsor systems owners and/or service providers throughout the risk management framework (RMF), including the assessment and authorization (A&A) processes, as follows:
• Provide advice to Sponsor system owners and/or service providers on the creation of required system documentation or body of evidence; review and provide recommendation for approval or disapproval, as appropriate.
• Assess security and privacy controls and data protection in sponsor information systems and environments of operation as part of the initial security assessment and during operational changes affecting information systems' security posture.
• Assist the security control accessors (SCA), as appropriate, in performing security systems assessments and reviewing risk elements in the executive Risk System (ERS) report.
• Create plans of action & milestones (POA&Ms) and/or request risk acceptance through a security assessor (SA), who will certify the ERS report to the appropriate authorizing official (AO) or designated AO.
• Provide oversight and guidance to ensure compliance with Sponsor information security regulations and policies on processes and request, such as Data Transfer Request; Access Request; Service/Change Request; Purchase Request; Accountable Property Management; Waivers, including medical devices and introduction (use) of equipment /devices into SCIF; and Equipment Transport.
• Build relationships, to include Interagency, with system owners and stakeholders.
• Review and approve requests to include but not limited to Sponsor system access system, crypto, hardware orders, and Sponsor portal waivers (SCIF 705, IT, DTO, medical devices, and Sponsor Certs.
• Facilitate development, maintenance and security review of AIS security plans for computers, networks, and information systems deployed and used at contractor facilities, ensuring that sponsor and program approving signatures are acquired and documented.
• Conduct technical exchange meetings to facilitate AIS security solutions for both industrial contractors and government systems; and produce comprehensive solutions to technically complex systems and challenges.
• Advise and answer questions regarding Sponsor's AIS policies, including providing recommendations on waivers and mitigations as appropriate to meet mission requirements.
• Ensure documentation is complete and accurate in accordance with Sponsor AIS policies and requirements.
• As necessary, support the investigation of virus/malware alerts/incidents to determine root cause, entry point of code, damage risk, and report this information.
• Write reports based on technical analysis of sponsor or industrial partners systems, and as applicable provide recommendations for mitigating issues in the future.
• Participate in project review meetings and provide technical cyber security advice/expertise to Sponsor personnel.
• Review complex sponsor and industrial partners system designs for security risk and compliance with sponsor policy and regulations; propose resolution and preventive strategies.
• Communicate complex technical concepts, project information, and security policy clearly and concisely to both technical and non-technical audiences.

Work Environment, Physical Demands, and Mental Demands: Daily work in an office environment, with occasional local or CONUS travel. Minimum Requirements (Knowledge, Skills, and Abilities): At least 7 years of experience working as ISSM or ISSO in the Intelligence Community Security Clearance Required: TS/SCI w/ Polygraph required at time of application Minimum Education: Bachelor's Degree in Information or Cyber Security, or equivalent work experience.Minimum Years of Experience: 7 Required Certifications: N/A Preferred Qualifications: CISSP, CISA, and CCSP certifications This position is not designated as a safety sensitive position. As part of our commitment to maintaining a safe and compliant work environment, Amentum is a drug-free workplace and requires all personnel to comply with company drug and alcohol policies as a condition of employment. Employment is contingent upon successful completion of the drug screening process. Please note that this may include pre-hire screening for marijuana, as well as other federally controlled substances due to Amentum's role as a federal contractor and trusted partner to the US Government. Other Responsibilities: Safety - Amentum enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the Amentum Quality Policy and carry out job activities in compliance with applicable Amentum Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities.Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job.

Compensation Details

The compensation range or hourly rate listed for this position is provided as a good-faith estimate of what the company intends to offer for this role at the time this posting was issued. Actual compensation may vary based on factors such as job responsibilities, education, experience, skills, internal equity, market data, applicable collective bargaining agreements, and relevant laws.

Benefits Overview

Our health and welfare benefits are designed to support you and your priorities. Offerings include:

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-O'Hara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.