AECOM East Coast Cybersecurity Manager in Virginia Beach, Virginia

Requisition/Vacancy No. 151418BR

Position Title East Coast Cybersecurity Manager

Job Category Information Technology

Business Line Government

Country United States of America

State/Province/Region USA - Virginia

City Virginia Beach

Why Choose AECOM? AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public- and private-sector clients. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the #1 engineering design firm by revenue in Engineering News-Record magazine’s annual industry rankings, and has been recognized by Fortune magazine as a World’s Most Admired Company. The firm is a leader in all of the key markets that it serves, including transportation, facilities, environmental, energy, oil and gas, water, high-rise buildings and government. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects. A Fortune 500 firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion. More information on AECOM and its services can be found at

About the Business Line


AECOM works with national and local governments around the world to manage and support critical programs in the areas of defense, security and intelligence; energy and climate change; environmental cleanup and waste management; infrastructure development, protection and resilience; and international development. Our global operations and connected expertise enable us to provide cutting-edge, relevant and cost-effective solutions that help our clients safeguard and enrich society and the world we live in.

Job Summary

Leads range network Cybersecurity operations and assists in the direction of work of all local and coast range Cybersecurity team members in accordance with contract requirements including:

  • Certification & Accreditation efforts

  • Network boundary protection

  • HBSS Administration

  • ACAS Administration

  • Monitoring of information system activity

  • Execute and review system audits to include system logs and records

Provides Cybersecurity leadership as needed for technical staff to deploy new capabilities on schedule and operate them securely.

Oversee network Information Assurance Vulnerability Alerts (IAVA) compliance.

Review networks/systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, DoD and DoN policies and regulations in accordance with contract requirements.

Coordinate, write, edit, review, and assess DIACAP/RMF packages. Supports annual review of all Certification and Accreditation Documents, Local IA Procedures and Work Instructions to ensure enforceability and accountability of the current network environment.

Develop and maintain a Plan of Action and Milestone (POA&M) in order to track the resolution of vulnerabilities identified on systems.

Document, evaluate, and report all security risks and violations to Range and Program Office Management.

Assist with Commands Security Violation and Incident Reporting procedures.

Ensure IA requirements are identified and included in the design, acquisition, installation, operation, upgrade, or replacement of all Information Technology (IT) dependent systems.

Assist in the development of and implementation of configuration management procedures as a member of the Configuration Management Board

Assist the ISSM with the development of the IA Department and related Policies, Procedures, and Work Instructions.

Minimum Requirements

Minimum Education Level

Requires BS/BA technical degree (engineering, computer science, information systems, etc) plus 6 years progressively relevant work experience in the areas of:

  • DoD Certification and Accreditation

  • Information Systems Security

  • Vulnerability Assessment and Mitigation

  • Network Administration

  • Risk Analysis

  • Network Security Auditing

Minimum Experience Requirements:

  • Lifecycle support of the DoD Certification and Accreditation (C&A) Process (DIACAP or RMF)

  • Managing C&A using Enterprise Mission Assurance Support Service (eMASS)

  • Conducting Network Vulnerability Scanning, Assessment, and Mitigation

  • Security Event Correlation and Security Monitoring

  • Security Test and Evaluation (ST&E) procedures

-Securing Networks and Operating Systems (Cisco, Windows, and Linux) to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) standards.

  • Host Based Security System (HBSS) Administration

  • Assured Compliance Assessment Solution (ACAS) Administration

  • Installation and monitoring of network IDS and firewalls such as Cisco ASA or other similar technologies.

Minimum Position Requirements:

  • Secret Clearance with (SSBI) investigation

  • Must maintain DoD 8570.1 certification requirements for IAT-III

  • Security education which provides familiarity with all aspects of DoD and DON Cybersecurity

  • Enterprise Mission Assurance Support Services (eMASS) training

  • Assured Compliance Assessment Solutions (ACAS) training

  • Host Based Security System (HBSS) training

Preferred Qualifications VM Ware experience

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.

AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, please click here at to view the EEO Is The Law poster.


Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.