Senior Compliance Engineer

Compliance Engineer

Amentum seeks a Compliance Engineer. Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security, and sustainability. Headquartered in Virginia, we have more than 53,000 employees in approximately 80 countries across all 7 continents. The Compliance Engineer is a remote-telework position that supports our ISO 27001 adherence and other cybersecurity related frameworks, in governance, risk, and information assurance. This role supports Amentum’s data protection requirements through the assessment of controls and working with teams through the mitigation process. Qualified candidates will need a versatile skill set that emphasizes ISO 27001 comprehension, technology, effective collaboration, critical thinking, analytical prowess, ability to crosswalk multiple frameworks, and strong communication skills. US Citizenship is required to apply. This is a US remote-telework role (you must live within the US to work remote).

Essential Responsibilities

• ISO 27001 Adherence & Certification
• Control Implementation, Monitoring & Continuous Improvement
• Audits, Risk Assessments & Adherence Support
• Documentation, Reporting & Metrics
• Collaboration & Advisory
• Training & Awareness
• Vendor & Third-Party Risk Management
• Travel may be required, up to 30%.

Knowledge, Skills and Abilities

Ability to work independently, manage multiple projects, and influence stakeholders at all levels of the organization. Excellent problem-solving, documentation, and communication skills, with the ability to educate and collaborate with cross-functional teams.

Minimum Qualifications

Bachelor’s degree in IT, Cybersecurity or a related field. Two years of related experience can be substituted for each of the four years of college. Minimum of 5 years of hands-on experience in compliance frameworks such as ISO 27001, NIST SP 800-53, NIST SP 800-171, Cyber Security Framework, Secure Controls Framework, Cybersecurity, and IT risk management to include some international or UK experience. Prefer defense or government contracting industry experience. Strong understanding of ISO 27001 requirements and specific regulations governing the DIB sector, including FAR, DFARS, NIST SP 800-53, NIST SP 800-171, CMMC, TAA, and ITAR, with the ability to transfer and reuse controls across multiple frameworks. Experience implementing and maintaining an Information Security Management System (ISMS) in compliance with ISO 27001. Strong knowledge of information security controls, risk management, and internal audit processes. Relevant certifications such as ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISA, or CISSP are highly preferred. US Citizenship is required. Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.