AECOM Jobs

Company Description

At AECOM, we’re delivering a better world.

We believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.

Our clients trust us to bring together the best people, ideas, technical expertise and digital solutions to our work in transportation, buildings, water, the environment and new energy. We’re one global team – 47,000 strong – driven by a common purpose to deliver a better world.

Here, you will have freedom to grow in a world of opportunity.

We will give you the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

We will encourage you to grow and develop your career with us through our technical and professional development programs and diverse career opportunities. We believe in leadership at all levels. No matter where you sit in the organization you can make a lasting impact on the projects you work on, the teams and committees you join and our business.

We offer competitive pay and benefits, well-being programs to support you and your family, and the development resources you need to advance your career.

When you join us, you will connect and collaborate with a global network of experts – planners, designers, engineers, scientists, consultants, program and construction managers – leading the change toward a more sustainable and equitable future. Join us and let’s get started.

Job Description

Role and Responsibilities

• Evaluate requests for third party engagements

• Triage/complete requests from AECOM clients regarding AECOM’s control environment

• Collaborate with business requestors, procurement, legal, and other teams to ensure questionnaires are

• completed timely

• Collaborate with security/IT team members to ensure a full understanding of security controls, technology, and

• architecture

• Conduct initial and periodic third party risk assessments

• Review responses to security questionnaires, SOC 1 and SOC 2 assessment reports received from third parties to

• identify potential risk to AECOM

• Identify gaps/issues based on third party and/or client standards relative to security postures

• Devise remediation plans and monitor to ensure adherence by third parties and AECOM security/IT

• Build and maintain an inventory of third parties

• Establish and maintain a central repository of security questions/answers

• Review third party and client contracts to validate appropriate security requirements and commitments

• Manager AECOM’s response to existing and potential business partners/clients/third parties security due diligence (questionnaires, site visits, etc.)

Qualifications

• 2-3 years of career experience related to information security, IT, audit, third party, and/or risk

• Manage, enhance and implement the framework, policies, procedures and program governance to ensure alignment of TPRM with industry best practices and regulatory requirements (NIST, FFIEC, OCC, etc.)

• Develop tactical and strategic plans to evolve the third-party risk management program to ensure compliance with new regulations and alignment with industry best practices

• Experience in completing and reviewing security and/or privacy questionnaires

• Strong knowledge of security best practices (ISO, NIST Cybersecurity Framework, etc.)

• Strong prioritization and organizational skills

• Ability to develop, document, and maintain procedures

• Strong verbal communication with the ability to advise management regarding third party and client risk

• management

• Knowledge of RSA’s Archer GRC platform desirable

Additional Information

Additional information

With infrastructure investment accelerating worldwide, our services are in great demand, and there’s never been a better time to be at AECOM! Join us, and you’ll get all the benefits of being a part of a global, publicly traded firm – access to industry-leading technology and thinking and transformational work with big impact and work flexibility.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too.

As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Join us and let’s get started.

All your information will be kept confidential according to EEO guidelines.

With infrastructure investment accelerating worldwide, our services are in great demand, and there’s never been a better time to be at AECOM! Join us, and you’ll get all the benefits of being a part of a global, publicly traded firm – access to industry-leading technology and thinking and transformational work with big impact and work flexibility.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too.

As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Join us and let’s get started.

ReqID: REF20578Z

Business Line: Geography OH

Business Group: DCS

Strategic Business Unit: GBS

Career Area: Program & Project Management

Work Location Model: Hybrid