Data Security Analyst

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundless imagination to challenge convention and drive progress. Our commitments are underpinned by the belief that safety, collaboration and well-being are integral to success. Headquartered in Chantilly, Virginia, we have approximately 50,000 employees in more than 70 countries across all 7 continents.

The Data Security Analyst specializes in securing enterprise data warehouses; ETL/ELT pipelines; data interfaces; and analytics platforms in international and government environments. This role focuses on robust data classification, protection of sensitive data across jurisdictions, and compliance with stringent international privacy laws and government security standards (e.g., FedRAMP, FISMA, NIST, GDPR, and others). You will ensure the confidentiality, integrity, and availability of data at rest, in transit, and during processing while supporting secure cross-border data flows and government regulatory requirements. This position is

Key Responsibilities:

• Data Classification & Governance: Support organization-wide data classification programs tailored for international and government contexts. Coordinate and maintain classification schemas (e.g., Public, Internal, Confidential, Restricted/Sensitive, Classified) and ensure consistent tagging and handling of data in warehouses and pipelines.

• Data Warehouse Security: Implement and maintain classification-driven security controls in data warehouses (Snowflake, Redshift, BigQuery, Databricks, Azure Synapse, Microsoft Fabric or on-prem solutions), including RBAC, column/row-level security, dynamic data masking, encryption at rest, and audit logging.

• International Compliance & Cross-Border Data Flows: Manage data sovereignty, localization requirements, and cross-border transfer mechanisms (Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions). Ensure compliance with GDPR, LGPD, PIPL, CCPA/CPRA, and other regional regulations.

• Government & Regulatory Compliance: Support FedRAMP, FISMA, NIST 800-53, CMMC, ITAR, or equivalent government frameworks. Prepare for audits, maintain Authorization to Operate (ATO) evidence, and implement required security controls for government contracts or public sector data.

• ETL/Pipeline & Interface Security: Secure data ingestion, transformation, and movement processes with classification-aware controls. Protect interfaces (APIs, SFTP, EDI, messaging queues) using TLS, mutual authentication, encryption, and DLP policies suitable for international and government data exchanges.

• Access Management & Least Privilege: Enforce strict access controls based on data classification, user clearance levels (where applicable), and need-to-know principles. Manage privileged access and conduct regular access reviews and recertifications.

• Risk Assessment, Auditing & Monitoring: Support risk assessments, vulnerability scans, and penetration testing focused on international data flows and government environments. Monitor logs and support Cyber Security use of SIEM tools to detect threats or compliance violations.

• Incident Response & Forensics: Support security incident investigations involving data warehouses, ensuring proper handling per government and international breach notification requirements.

• Collaboration: Partner with data engineering, compliance, legal, and government stakeholders to embed security and classification into data architecture and pipelines. Advise on secure data sharing with international partners or government agencies.

• Perform other responsibilities as assigned.

Knowledge, Skills & Abilities:

• Deep knowledge of data classification frameworks and tools in regulated settings.

• Strong understanding of:

• International privacy and data protection laws (GDPR, Schrems II, etc.)

• U.S. Government standards (FedRAMP, NIST, FISMA, DoD SRG)

• Cloud security and compliance (AWS, Azure, GCP Government Cloud)

• Skill in supporting security risk assessments and forensic investigations compliant with global breach notification laws.

• Ability to translate complex international privacy and government regulations into actionable, automated technical controls.

• Skill in maintaining clear, audit-ready evidence for internal/external auditing and corporate compliance records.

• Strong analytical, critical thinking, and problem-solving skills with a strategic mindset. Capacity to navigate ambiguity and make data-driven decisions.

• Ability to work effectively in a fast-paced and dynamic environment. Ability to work both independently and collaboratively in a team environment.

• Ability to present complex technical information to a non-technical audience.

• Strong collaboration and interpersonal skills.

• Strong communication skills.

• Industry-specific knowledge and experience related to the organization's projects are preferred (Cyber, Infrastructure, Application Development, etc.).

Minimum Qualifications:

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related field.

• Typically, five (5) years of experience in data security, with specific experience in international (multi-jurisdictional) and/or government / public sector environments.

• Hands-on experience with major cloud and on-premise data platforms in secure environments.

• Experience implementing encryption, key management, DLP, and secure data exchange protocols.

• US Citizenship is required.

Preferred Skills & Certifications:

• Security certifications: CISSP, CISM, CCSP, CRISC, CDPSE, or government-specific (e.g., Security+, CAP).

• Cloud certifications: AWS Certified Security, Azure Security Engineer, Google Cloud Professional Security Engineer (Government Cloud experience highly valued).

• Familiarity with data governance platforms (Microsoft Purview, Collibra, Alation) and automated classification tools.

• Experience with hybrid/multi-cloud architectures and secure government cloud environments (AWS GovCloud, Azure Government, etc.).

• Scripting skills (Python, SQL, PowerShell) for automation of classification, monitoring, and compliance reporting.

• Strong ability to translate complex regulatory requirements into practical technical controls.

Compensation Details:

$100k - $121k

The compensation range or hourly rate listed for this position is provided as a good-faith estimate of what the company intends to offer for this role at the time this posting was issued. Actual compensation may vary based on factors such as job responsibilities, education, experience, skills, internal equity, market data, applicable collective bargaining agreements, and relevant laws.

Benefits Overview:

Our health and welfare benefits are designed to support you and your priorities. Offerings include:

• Health, dental, and vision insurance

• Paid time off and holidays

• Retirement benefits (including 401(k) matching)

• Educational reimbursement

• Parental leave

• Employee stock purchase plan

• Tax-saving options

• Disability and life insurance

• Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-O'Hara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.

Original Posting:

06/23/2026 - Until Filled

Amentum anticipates this job requisition will remain open for at least three days, with a closing date no earlier than three days after the original posting. This timeline may change based on business needs.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters ( .