Information System Security Engineer - Senior

In support of a challenging critical and rewarding program that provides integrated voice, video, and data services throughout the Information Technology lifecycle, Amentum is seeking a Senior Information System Security Engineer (ISSE) to serve as a subject matter expert in the design, implementation, and optimization of enterprise security toolsets.

The successful candidate will lead the engineering efforts for the Trellix ePO ecosystem and the ACAS Nessus suite, ensuring mission-critical assets remain secure, compliant, and resilient. This role requires a blend of high-level security architecture, hands-on troubleshooting, and the ability to drive secure-by-design principles across the System Development Life Cycle (SDLC).

You must be a critical thinker with a strong work ethic and be able to work independently or as a member of a team in a dynamic environment. We value candidates who are detail-oriented while also being able to think and react quickly to emerging and unique problem sets. To be successful, you must be able to rapidly adapt and learn how to operate the front and back end of new products and processes.

Work Schedule

• 5 Days: Mon - Fri
• 8 hrs/day
• 40 hrs/wkly

Essential Responsibilities The duties and responsibilities of the Senior Information Systems Security Engineer include but are not limited to the following:

Endpoint Security Engineering

• Trellix ePO Ecosystem Management: Expertly design, configure, and maintain Trellix components (ePO, Trellix Agent, DLP, HIPS, Policy Auditor, ABM, and VSE) across Windows and Linux environments.
• Policy Development: Author and deploy endpoint security policies for ENS modules (Threat Prevention, Firewall, Web Control) based on DISA STIGs and organizational needs.
• Threat Mitigation: Develop custom signatures, rules, and exceptions to address zero-day threats and specific operational requirements.
• Operational Continuity: Validate custom exceptions to ensure uninterrupted operation of mission-critical processes without compromising compliance.

Vulnerability Management

• ACAS/Nessus Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners.
• Advanced Troubleshooting: Serve as the final escalation point for complex scan issues, credentialing problems, and system communication failures.
• Risk Reporting: Configure automated reporting of compliance data to continuous monitoring systems and risk-scoring repositories.

Security Integration & Engineering

• Tool Orchestration: Integrate Trellix and ACAS with tools such as Splunk, XSOAR, and ServiceNow to automate workflows and enhance incident response.
• RMF Support: Provide authoritative recommendations and ACAS-generated artifacts to support the Assessment and Authorization (A&A) process and RMF packages for Authority to Operate (ATO).
• Strategic Oversight: Lead the maintenance and scalability of test, development, and operational environments, collaborating with Network and DevSecOps teams to enhance resilience.
• Multi-Tier Support: Deliver Tier 1-3 maintenance and incident response for the full cybersecurity portfolio (ACAS, Trellix, Splunk, XSOAR).

Compliance Mastery

• Deep understanding of DISA STIGs, NIST 800-53, and the Risk Management Framework (RMF).

Minimum Requirements

• Must have active Top-Secret clearance with SCI or TS with the ability to acquire SCI.
• Knowledge and experience with NESSUS, ACAS, and Trellix administration.
• Experience in Splunk role while working in a Splunk Clustered Environment.
• Must be able to work a 40-hour work week normally Monday through Friday.
• Ability to work overtime during critical peaks and be available to meet last-minute requests for overtime if needed.
• Ability to travel 5-10%, primarily within 75 miles.
• Familiarity with MS Office applications such as Excel, Word, Outlook, SharePoint, Project, and Visio.
• Exceptional attention to detail, excellent verbal and written communication skills, strong critical thinking, organizational, time-management, and problem-solving skills.
• Ability to work both independently and as part of a team in a dynamic environment.

Clearance Required

• Must have active Top-Secret clearance with SCI or TS with the ability to acquire SCI.

Minimum Education

• Bachelors Degree in a related field (Cyber and/or Engineering).

Minimum Years of Experience

• 8 years of relevant experience.

Required Certifications

• Must possess or be able to obtain one of the following 8140 IAT Level II or III baseline certifications before a start date:
• Level II certifications include: CCNA Security, GISCP, GSEC, Security CE, SSCP.
• Level III certifications include: CASP+, CE, CCNP Security, CISA, CISSP, or Associate GCE, GCIH.

Preferred Qualifications

• RHEL Administration: Proficient understanding of Red Hat Enterprise Linux (RHEL) 8 and 9, including the ability to monitor and maintain cybersecurity tools at the OS level.
• SOAR Automation: Experience managing the full lifecycle of XSOAR infrastructure, including building complex playbooks, custom scripts, and integrations to automate cyber workflows.
• Splunk O&M: Proficiency in Splunk Operations & Maintenance, including managing distributed components, index management, version upgrades, and creating custom dashboards via the Monitoring Console.

Javelin Compensation Details

• $185,000
• The compensation range or hourly rate listed for this position is provided as a good-faith estimate of what the company intends to offer for this role at the time this posting was issued. Actual compensation may vary based on factors such as job responsibilities, education, experience, skills, internal equity, market data, applicable collective bargaining agreements, and relevant laws.

Benefits Overview Our health and welfare benefits are designed to support you and your priorities. Offerings include:

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits including 401k matching
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-OHara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.

Original Posting 03/19/2026 - Until Filled

Amentum anticipates this job requisition will remain open for at least three days with a closing date no earlier than three days after the original posting. This timeline may change based on business needs.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability, so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.