Cybersecurity Auditor

The Cybersecurity Auditor is a remote-telework position that supports our governance, risk, information assurance and compliance (GRIA&C) arm of the cybersecurity team. This role supports Amentum's data protection requirements through the comprehensive auditing of Amentum's information technology environment and collaborating with teams through the mitigation process. Qualified candidates will need a versatile skill set that emphasizes regulatory comprehension, effective collaboration, critical thinking, analytical prowess, and risk management. US Citizenship is required to apply.

Essential Responsibilities:

Provide internal assessments and audits of security controls implemented on Amentum information technology assets. Independently test the effectiveness of controls being assessed. Properly document necessary cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary. Perform cyber assessments and audits as directed. Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps. Facilitate discussions with various teams, both internal and external, around data compliance efforts. Work with system administrators, engineers, and Information System Security Manager (ISSM) to create or update system/site policies, procedures, and process guides. Brief executive leadership on compliance matters. Create network and data flow topology diagrams and process flow charts as required. Write stakeholder reports using accessible language to explain the assessment and audit results and recommendations. Create and provide metrics to cybersecurity leadership. Travel up to 25%.

Minimum Position Knowledge, Skills, and Abilities Required:

• Must be a U.S. Citizen

• Minimum of 5 years of experience in performing cyber assessments.

• Bachelor's degree in computer science, similar degree path, or 4 years of hands-on experience.

• CompTIA Security + certified

• Knowledge of NIST publications and their relevancy to compliance.

• Strong written and verbal communications.

• Experience with compliance efforts in hybrid environments that encompass both cloud and on-premises services.

Preferred Skills and Qualifications:

• Experience assessing or auditing government or DoD IT environments.

• Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) certifications.

• Experience with common cybersecurity tools and platforms including, but not limited to:

• Nessus

• Microsoft GCCH / O365

• Microsoft Azure

• Microsoft Defender

• Email protection platforms

• Palo Alto products

#LI-CJ1

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

Labor Law Posters (~~~)

EEO including Disability/Protected Veterans