AECOM Senior Cyber Defense Analyst in Suffolk, Virginia

Requisition/Vacancy No. 149214BR

Position Title Senior Cyber Defense Analyst

Job Category Information Technology

Business Line Government

Country United States of America

State/Province/Region USA - Virginia

City Suffolk

Why Choose AECOM? AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public- and private-sector clients. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the #1 engineering design firm by revenue in Engineering News-Record magazine’s annual industry rankings, and has been recognized by Fortune magazine as a World’s Most Admired Company. The firm is a leader in all of the key markets that it serves, including transportation, facilities, environmental, energy, oil and gas, water, high-rise buildings and government. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects. A Fortune 500 firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion. More information on AECOM and its services can be found at

About the Business Line


AECOM works with national and local governments around the world to manage and support critical programs in the areas of defense, security and intelligence; energy and climate change; environmental cleanup and waste management; infrastructure development, protection and resilience; and international development. Our global operations and connected expertise enable us to provide cutting-edge, relevant and cost-effective solutions that help our clients safeguard and enrich society and the world we live in.

Job Summary

AECOM is actively seeking a Senior Cyber Defense Analyst to provide cybersecurity technical support to the Joint Staff J7. The position will be located at the Joint Staff facility in Suffolk, VA. The Analyst will provide Tier III Cybersecurity analysis in support of unclassified and classified Authorization and Accreditation (A&A) requirements. The ideal candidate will have general knowledge across cyber-related functional areas including Event Cybersecurity, Tools & PKI, Analysis and Reporting, A&A, System/SW cybersecurity engineering and Cybersecurity CM.

Essential Responsibilities:

  1. Provide Subject Matter Expertise to aid Program Managers in the development of A&A documentation.

  2. Perform a technical review of A&A documentation for compliance with applicable DoD and Joint Staff cybersecurity policies.

  3. Perform system Information Assurance Vulnerability Management (IAVM)

  4. Perform Security Technical Implementation Guidance (STIG) compliance audits.

  5. Perform risk analysis and recommend and mitigate controls.

  6. Assess security compliance, support program security reviews, and coordinate and compile security-related documentation.

  7. Assist with the preparation and revision of J7 cybersecurity policy and guidance documents for specific cybersecurity related technologies.

  8. Provide critical written and oral analysis of security architecture documentation and vulnerability and risk assessments.

  9. Assist in the development of plan of actions and milestones (POA&M) and tracking of milestones within POA&Ms directly related to cybersecurity requirements.

  10. Perform validation of cyber security controls in support of Assessment and Authorization (A&A) efforts.

  11. Coordinate with system owners to ensure the appropriate A&A artifacts are developed to support system authorization.

  12. Develop IT sustainment documents and actions and renewal documentation.

  13. Provide security incident reports as required outlining the specific security issue, critical concerns, and remediation actions required to resolve or mitigate the vulnerabilities.

  14. Serve as security advisor to the Government in all aspects of Cybersecurity and Risk Management Framework (RMF). to ensure the JS J7 meets all requirements.

  15. Coordinate a team to identify attempted and successful penetrations and information attacks and develop COAs.

  16. Perform other relevant duties as required.

Minimum Requirements

  • Bachelor's degree in technical field and at least 7 years of job-related experience; Vocational/Technical school; or Associate's degree and at least 10 years of job related experience; or equivalent experience in a military and/or department of defense environment.

  • Excellent communications and analytical skills; working knowledge of computer systems and integrated software application programs.

  • Must be DOD 8570 Information Assurance Manager (IAM) III Compliant.

  • Requires an active security clearance at the secret level with ability to upgrade to Top Secret.

Preferred Qualifications

  • Incident response experience

  • Experience with Computer Network Defense (CND) tools ACAS and HBSS

  • Knowledge of the quarantine process

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.

AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, please click here at to view the EEO Is The Law poster.