Information System Security Engineer - Senior

In support of a challenging, critical, and rewarding program that provides integrated voice, video, and data services throughout the Information Technology lifecycle, Amentum is seeking Senior Information System Security Engineer (ISSE) to serve as a subject matter expert in the design, implementation, and optimization of enterprise security toolsets. The successful candidate will lead the engineering efforts for the Trellix (ePO) ecosystem and the ACAS (Nessus) suite, ensuring mission-critical assets remain secure, compliant, and resilient. This role requires a blend of high-level security architecture, hands-on troubleshooting, and the ability to drive secure-by-design principles across the System Development Life Cycle (SDLC). You must be a critical thinker, have a strong work ethic, and be able to work independently or as a member of a team in a dynamic environment. We value candidates who are detail-oriented while also being able to think and react quickly to emerging and unique problem sets. To be successful, you must be able to rapidly adapt and learn how to operate the front and back end of new products and processes. Work Schedule: 5 Days (Mon – Fri); 8 hrs/Day; 40 hrs/wkly Essential Responsibilities: The duties and responsibilities of the Senior Information Systems Security Engineer include, but are not limited to the following: Endpoint Security Engineering (Trellix/ePO): Ecosystem Management: Expertly design, configure, and maintain Trellix components (ePO, Trellix Agent, DLP, HIPS, Policy Auditor, ABM, and VSE) across Windows and Linux environments. Policy Development: Author and deploy endpoint security policies for ENS modules (Threat Prevention, Firewall, Web Control) based on DISA STIGs and organizational needs. Threat Mitigation: Develop custom signatures, rules, and exceptions to address zero-day threats and specific operational requirements. Operational Continuity: Validate custom exceptions to ensure uninterrupted operation of mission-critical processes without compromising compliance. Vulnerability Management (ACAS/Nessus): Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners. Advanced Troubleshooting: Serve as the final escalation point for complex scan issues, credentialing problems, and system communication failures. Risk Reporting: Configure automated reporting of compliance data to continuous monitoring systems and risk-scoring repositories. Security Integration & Engineering: Tool Orchestration: Integrate Trellix and ACAS with tools such as Splunk, XSOAR, and ServiceNow to automate workflows and enhance incident response. RMF Support: Provide authoritative recommendations and ACAS-generated artifacts to support the Assessment and Authorization (A&A) process and RMF packages for Authority to Operate (ATO). Strategic Oversight: Lead the maintenance and scalability of test, development, and operational environments, collaborating with Network and DevSecOps teams to enhance resilience. Multi-Tier Support: Deliver Tier 1–3 maintenance and incident response for the full cybersecurity portfolio (ACAS, Trellix, Splunk, XSOAR). Compliance Mastery: Deep understanding of DISA STIGs, NIST 800-53, and the Risk Management Framework (RMF). Other Responsibilities: Safety - Amentum enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams. Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the Amentum Quality Policy and carry out job activities in compliance with applicable Amentum Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities. Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. As part of our commitment to maintaining a safe and compliant work environment, Amentum is a drug-free workplace and requires all personnel to comply with company drug and alcohol policies as a condition of employment. Employment is contingent upon successful completion of the drug screening process. Please note that this may include pre-hire screening for marijuana, as well as other federally controlled substances due to Amentum’s role as a federal contractor and trusted partner to the US Government.