Data Security Analyst

• Data Classification & Governance: Support organization-wide data classification programs tailored for international and government contexts. Coordinate and maintain classification schemas (e.g., Public, Internal, Confidential, Restricted/Sensitive, Classified) and ensure consistent tagging and handling of data in warehouses and pipelines.
• Data Warehouse Security: Implement and maintain classification-driven security controls in data warehouses (Snowflake, Redshift, BigQuery, Databricks, Azure Synapse, Microsoft Fabric or on-prem solutions), including RBAC, column/row-level security, dynamic data masking, encryption at rest, and audit logging.
• International Compliance & Cross-Border Data Flows: Manage data sovereignty, localization requirements, and cross-border transfer mechanisms (Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions). Ensure compliance with GDPR, LGPD, PIPL, CCPA/CPRA, and other regional regulations.
• Government & Regulatory Compliance: Support FedRAMP, FISMA, NIST 800-53, CMMC, ITAR, or equivalent government frameworks. Prepare for audits, maintain Authorization to Operate (ATO) evidence, and implement required security controls for government contracts or public sector data.
• ETL/Pipeline & Interface Security: Secure data ingestion, transformation, and movement processes with classification-aware controls. Protect interfaces (APIs, SFTP, EDI, messaging queues) using TLS, mutual authentication, encryption, and DLP policies suitable for international and government data exchanges.
• Access Management & Least Privilege: Enforce strict access controls based on data classification, user clearance levels (where applicable), and need-to-know principles. Manage privileged access and conduct regular access reviews and recertifications.
• Risk Assessment, Auditing & Monitoring: Support risk assessments, vulnerability scans, and penetration testing focused on international data flows and government environments. Monitor logs and support Cyber Security use of SIEM tools to detect threats or compliance violations.
• Incident Response & Forensics: Support security incident investigations involving data warehouses, ensuring proper handling per government and international breach notification requirements.
• Collaboration: Partner with data engineering, compliance, legal, and government stakeholders to embed security and classification into data architecture and pipelines. Advise on secure data sharing with international partners or government agencies.
• Perform other responsibilities as assigned.

• Deep knowledge of data classification frameworks and tools in regulated settings.
• Strong understanding of:
• International privacy and data protection laws (GDPR, Schrems II, etc.)
• U.S. Government standards (FedRAMP, NIST, FISMA, DoD SRG)
• Cloud security and compliance (AWS, Azure, GCP Government Cloud)
• Skill in supporting security risk assessments and forensic investigations compliant with global breach notification laws.
• Ability to translate complex international privacy and government regulations into actionable, automated technical controls.
• Skill in maintaining clear, audit-ready evidence for internal/external auditing and corporate compliance records.
• Strong analytical, critical thinking, and problem-solving skills with a strategic mindset. Capacity to navigate ambiguity and make data-driven decisions.
• Ability to work effectively in a fast-paced and dynamic environment. Ability to work both independently and collaboratively in a team environment.
• Ability to present complex technical information to a non-technical audience.
• Strong collaboration and interpersonal skills.
• Strong communication skills.
• Industry-specific knowledge and experience related to the organization's projects are preferred (Cyber, Infrastructure, Application Development, etc.)., * Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related field.
• Typically, five (5) years of experience in data security, with specific experience in international (multi-jurisdictional) and/or government / public sector environments.
• Hands-on experience with major cloud and on-premise data platforms in secure environments.
• Experience implementing encryption, key management, DLP, and secure data exchange protocols.
• US Citizenship is required.

Preferred Skills & Certifications:

• Security certifications: CISSP, CISM, CCSP, CRISC, CDPSE, or government-specific (e.g., Security+, CAP).
• Cloud certifications: AWS Certified Security, Azure Security Engineer, Google Cloud Professional Security Engineer (Government Cloud experience highly valued).
• Familiarity with data governance platforms (Microsoft Purview, Collibra, Alation) and automated classification tools.
• Experience with hybrid/multi-cloud architectures and secure government cloud environments (AWS GovCloud, Azure Government, etc.).
• Scripting skills (Python, SQL, PowerShell) for automation of classification, monitoring, and compliance reporting.
• Strong ability to translate complex regulatory requirements into practical technical controls.

Our health and welfare benefits are designed to support you and your priorities. Offerings include:

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-O'Hara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundless imagination to challenge convention and drive progress. Our commitments are underpinned by the belief that safety, collaboration and well-being are integral to success. Headquartered in Chantilly, Virginia, we have approximately 50,000 employees in more than 70 countries across all 7 continents.