Information System Security Engineer (ISSE)

Your Impact :

Are you interested in using your skills to help shape the Cyber, Security, & Intel space? If so, look no further. Amentum is seeking a Information System Security Engineer (ISSE) to join our team of passionate individuals in Elkridge, MD . In this role you will support challenging, mission-critical projects that make a direct impact on the Nation’s security and intelligence mission.

As a Cyber Systems Engineer / Information System Security Engineer (ISSE) at Amentum, you will play a vital role in safeguarding national security by protecting the integrity, confidentiality, and availability of government-affiliated information systems. Your expertise will directly support critical defense and intelligence missions, ensuring that cybersecurity risks are identified, mitigated, and continuously monitored in alignment with stringent DoD and DIA standards.

By serving as the primary security advisor for assigned systems, your work will not only ensure operational compliance but will also contribute to the resilience and trustworthiness of mission-critical infrastructure relied upon by government agencies. Through close collaboration with engineers, system administrators, government clients, and security assessors, you will help design and maintain secure environments where innovation and mission success are achieved without compromising cybersecurity.

Your contributions will have a lasting impact, enabling rapid threat response, reduced risk exposure, and the sustained protection of sensitive data and digital assets vital to national defense and intelligence operations.

Responsibilities :

• Lead Security Authorization Efforts : Oversee and coordinate the Assessment & Authorization (A&A) processes in alignment with Risk Management Framework (RMF) and Intelligence Community Directives (ICD). This includes interfacing with Group-level Information Systems Security Managers (ISSMs) and Security Controls Assessors (SCAs) to ensure thorough and timely security reviews.
• Develop and Maintain Security Documentation : Prepare and maintain essential security documentation such as System Security Plans (SSPs), Concept of Operations (CONOPS), Contingency Plans (CP), General User Guides (GUG), Privileged User Guides (PUG), and Standard Operating Procedures (SOPs). Ensure documentation accurately reflects the current system architecture and security posture.
• Collect and Analyze Security Artifacts : Coordinate with program managers, system owners, and engineering teams to collect Bodies of Evidence (BoEs) and artifacts necessary for A&A. Analyze and compile documentation that supports security control implementations and Plan of Action & Milestones (POA&Ms) mitigation strategies.
• Coordinate Authorization Milestones : Facilitate and track progress through customer A&A processes to achieve key security milestones such as Authority to Develop (ATD), Interim Authority to Test (IATT), and Authority to Operate (ATO). Maintain up-to-date knowledge of each project's A&A status and communicate updates effectively across technical and leadership levels.
• Support Security Compliance and Audit Activities : Act as a liaison during audits and compliance assessments, supporting continuous monitoring and promoting adherence to RMF, DIA policy, IC guidance, and applicable federal laws. Assist in the annual updates of Information Security Continuous Monitoring (ISCM) and Organizational Assessment (OA) Strategy Plans.
• Evaluate and Respond to Emerging Threats : Review and revise control volatility sections of security plans in response to evolving threats, policy changes, and updated federal or agency guidance. Provide input on High Value Assets (HVAs), and systems classified at TS / SCI or Secret levels, ensuring appropriate protections are in place.
• Deliver Recommendations and Process Improvements : Generate actionable recommendations to enhance the security program. Identify inefficiencies in current processes and propose improvements based on best practices, audit findings, and lessons learned.
• Technical Content Review : Perform detailed technical and editorial reviews of A&A documentation, ensuring clarity, accuracy, and compliance with relevant standards and frameworks.
• Certification Maintenance : Maintain compliance with DoD requirements for the IASAE Level II role, ensuring credentials and training are current

Requirements :

Experience supporting internal and external audits, including liaising with auditors and preparing for compliance assessments.

Familiarity with Information Security Continuous Monitoring (ISCM) strategies and implementation.

Understanding of agency-specific compliance standards including DIA policies, DoD directives, and federal cybersecurity laws.

Ability to support and update Organizational Assessment (OA) Strategy Plans annually or as required.

Demonstrated ability to document findings and present them in a clear, actionable format to stakeholders.

Clearance Required :

Minimum Education :

Minimum Years of Experience :

Required Certifications :

o CISSP-ISSAP

o CISSP-ISSEP

o CASP+ CE (if accepted by employer)

Preferred :

#javelin #externalreferral

Pay Transparency Verbiage

Amentum’s health and welfare benefits are designed to invest in you and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company’s 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus.

The base salary range for this position is . This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.