AECOM Cybersecurity Analyst II in Fallon, Nevada

Requisition/Vacancy No. 146763BR

Position Title Cybersecurity Analyst II

Job Category Information Technology

Business Line Government

Country United States of America

State/Province/Region USA - Nevada

City Fallon

Why Choose AECOM? AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public- and private-sector clients. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the #1 engineering design firm by revenue in Engineering News-Record magazine’s annual industry rankings, and has been recognized by Fortune magazine as a World’s Most Admired Company. The firm is a leader in all of the key markets that it serves, including transportation, facilities, environmental, energy, oil and gas, water, high-rise buildings and government. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects. A Fortune 500 firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion. More information on AECOM and its services can be found at www.aecom.com.

About the Business Line

Government

AECOM works with national and local governments around the world to manage and support critical programs in the areas of defense, security and intelligence; energy and climate change; environmental cleanup and waste management; infrastructure development, protection and resilience; and international development. Our global operations and connected expertise enable us to provide cutting-edge, relevant and cost-effective solutions that help our clients safeguard and enrich society and the world we live in.

Job Summary

Member of a geographically dispersed Cybersecurity team responsible for the security of systems supporting an unclassified and classified Wide Area Network infrastructure.

Responsible for:

  • Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.

  • Securing Networks and Operating Systems (Cisco, Windows, Linux) to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) standards

  • Conducting Network Vulnerability Scanning and Vulnerability Assessment

  • Information Systems Patch Management and Information Assurance Vulnerability Alerts (IAVA) compliance.

Essential Responsibilities:

  • Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.

  • Performs analysis to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.

  • Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.

  • Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance.

  • Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.

  • Conduct vulnerability scanning for new information system deployment or systems temporary connected to support training events or testing.

  • Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed.

  • Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.

  • Assist the Cybersecurity Manager with the development of the IA related Procedures, and Work Instructions.

Minimum Requirements

Requires Bachelor’s Degree in an Information Technology related discipline (computer science, information system management, etc) and 2 years of IT/IA experience. In lieu of degree at least 6 years equivalent combination of training and experience in the areas of:

  • Information System Security

  • Risk Analysis

  • Network Security Auditing

  • Host Based Security System (HBSS) Administration

  • Assured Compliance Assessment Solution (ACAS) Administration

  • VMware Administration

  • DoD Certification and Accreditation

  • Risk Management Framework

Minimum Position Requirements(Must meet certification and training within six months of date of hire):

  • Must maintain DoD 8570.1 certification requirements for IAT-II

  • Requires documented training in Microsoft Windows Server or Cisco Administration

  • Position requires ability to provide coverage outside normal working hours or shifts in daily hours

  • Requires a current Secret Security Clearance and ability to pass an SSBI investigation

  • Requires a valid state issued driver's license.

Preferred Qualifications Local candidates preferred.

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.

AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, please click here at http://www.aecom.com/content/wp-content/uploads/2016/01/EEO-is-the-Law-poster-supplement.pdf to view the EEO Is The Law poster.