Cybersecurity Risk Manager Job at Amentum in Honolulu

Join to apply for the Cybersecurity Risk Manager role at Amentum

Amentum is seeking a dynamic and innovative Cybersecurity Risk Manager to provide research, planning, analysis and integration support to the U.S. Indo-Pacific Command (USINDOPACOM) operations, activities, and investments (OAIs) at Ford Island, Hawaii. The Cybersecurity Risk Manager will be part of the USINDOPACOM J7 (Training and Exercises Directorate) information security team. The role involves detecting, evaluating, and prioritizing risks to organizational data and cyber assets, maturing risk management programs, conducting risk assessments, control testing and monitoring, and documenting procedures. The position also includes providing cybersecurity advice to mission partners to effectively manage risk to operations and validating that security and technology controls support operational and security requirements. Strong task management and effective communication skills are required.

Essential Responsibilities

• Develop and implement cybersecurity policies.
• Partner with Business Units to identify, analyze and mitigate security risk, internal and third party, associated with activities executed throughout the enterprise.
• Conduct ongoing risk evaluations for compliance and cybersecurity operations.
• Identify risk outside acceptable thresholds and escalate appropriately.
• Develop risk mitigation methods and capabilities.
• Ensure vulnerabilities are identified, understood, remediated, and communicated.
• Monitor security controls to ensure continued effectiveness.
• Develop contingency plans and recovery processes.
• Translate technical details into non-technical language when discussing risk with leadership.
• Create documentation for organizational and compliance purposes.
• Provide security consultation for new and ongoing enterprise initiatives.
• Educate and build awareness of security requirements across the organization.
• Publish executive-level security reporting across governance, risk, and compliance activities.

Knowledge, Skills, and Abilities

• Vulnerability management experience
• Customer-focused with the ability to identify issues, analyze, interpret data, and develop solutions to moderately complex technical problems
• Experience documenting requirements, security controls, and POA&M creation

Required Qualifications

• BS/BA in Computer Science, Information Systems, or a technical field preferred and 8 years of experience in information technology or cybersecurity; or an equivalent combination of experience and education
• Security+ Certification
• Experience with DoD Risk Management Framework (certification and accreditation)
• Experience with Microsoft cloud environments
• Experience with risk management in SaaS, PaaS, IaaS, and other cloud environments
• Experience with the NIST frameworks and publications
• Vulnerability management experience
• Active Top Secret/SCI US Government Clearance. US Citizenship is required to obtain a Top-Secret Clearance.

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Control (CRISC)

Compensation & Benefits

HIRING SALARY RANGE: $150K - $165K. Salary to be determined by education, experience, knowledge, skills, and abilities of the applicant, internal equity, and market data.

This position includes a competitive benefits package. For more detailed information on Benefits and what it is like to work for Amentum, visit www.amentumcareers.com.

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.

Additional

Note: This job description reflects the responsibilities and requirements for the Cybersecurity Risk Manager role as described; it is not a guarantee of employment or a contract for specific tasks.