We are seeking a Designated Authorizing Official (DAO) 3 for a prime contract that is based out of our Columbia, MD office. As a DAO3., you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems. **Responsibilities:** + Responsible for assisting in identifying the overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls, and perform and analyze the security risk assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems and networking operations. + Provide assistance to ensure Cybersecurity functions are included in the configuration management process. + Interact with customers, Information Technology (IT) staff, and high-level corporate officers in defining and achieving required Cybersecurity objectives for the organization. + Contribute to building security architecture. + Assist with the integration of legacy systems. Contribute to the acquisition/RDT&E environment and building Cybersecurity into systems deployed in operational environments. + Prepare security authorization documentation. \#javelin **Here’s What You’ll Need:** + Eight (8) years of related work experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager or DAO. + A Bachelor’s degree in Computer Science, Information Technology Engineering, or related field. + In lieu of a Bachelor's degree, an additional four (4) years of experience for a total of twelve (12) years. + DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CISM, CISSP (or associate) certification. + US Citizen with an active TS/SCI and a current full scope polygraph. + Working knowledge of the following is required: system security design process, defense-in depth/breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, security authorization process, principles of Cybersecurity (confidentiality, integrity, non-repudiation, availability, access control), and security testing **Must be able to:** + Analyze Cybersecurity built into systems to be deployed to operational environments + Prepare risk assessment, plan of actions, authorization recommendations, and related security authorization documentation + Identify and support overall security requirements for the protection of data to ensure the implementation of information security policies, activities, and controls + Ensure Cybersecurity functions are included in the development and risk management process, particularly those focusing on infrastructure protection and defensive IT strategy + Facilitate interaction with customers, IT staff, and high-level corporate officers to assist in defining and achieving required risk management objectives for the organization + Support integration of legacy systems within respective IT environment. **Pay Transparency** Amentum’s health and welfare benefits are designed to invest in you and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company’s 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus. The base salary range for this position is $177K to $220K. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.