AECOM Cybersecurity Analyst in Fallon, Nevada
United States of America - Nevada, Fallon
Purpose and Scope:
Provide cyber network operations support an analysis of Navy’s Combined Tactical Training Network.
Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.
Collect and review audit data of network activity to support technical analysis relating to misuse, penetration reconstruction, or other security investigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the Cybersecurity Manager.
Performs analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.
Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.
Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the Cybersecurity Manager.
Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
Conduct vulnerability scanning for new information system deployment or systems temporary connected to CTTR enclaves to support training events or testing. Ensure new information systems are configured in accordance with current DISA STIG’s and DoD/DoN Directives.
Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the Cybersecurity Manager.
Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.
Assist the Cybersecurity Manager with the development of the IA related Procedures, and Work Instructions.
Attend IA security training as required to maintain and gain knowledge and skills of current IA issues.
Supports the Computer Systems Analyst to determine limitations of existing systems and performs duties as alternate Systems Administrator.
Position requires ability and commitment to provide coverage outside normal working hours or shifts in daily hours, as warranted, not to interfere with Range Operations.
Documents maintenance actions in IEMS.
Reports to: Network Cybersecurity Manager
Work Environment, Physical Demands, and Mental Demands:
Typical office environment with no unusual hazards, occasional lifting to 20 pounds, constant sitting while using the computer terminal, constant use of sight abilities while reviewing documents, constant use of speech/hearing abilities for communication, constant mental alertness, must possess planning/organizing skills, and must be able to work under deadlines. Routine travel to remote site facilities may be involved.
Minimum Position Knowledge, Skills, and Abilities Required:
Prefers Bachelor’s Degree in an Information Technology related discipline (engineering, computer science, information systems, etc) and 2 years of IT/IA experience or at least 6 years of experience in lieu of degree in a combination of IA Training, IT Certification and progressive work experience in the areas of
Information System Security
IT System Implementation and Maintenance
Minimum Experience Requirements:
Hands on experience in the following areas:
Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.
Installation, maintenance and administration of information systems to include Windows and Linux desktops and servers.
Working knowledge in securing Networks and Operating Systems to Defense Information Systems Agency (DISA) Security
Technical Implementation Guide (STIG) standards including Windows and Linux Servers and Workstations.
Conducting Network Vulnerability Scanning and Vulnerability Assessment,
Information system security monitoring and security event correlation.
Information systems patch management and Information Assurance Vulnerability Alerts (IAVA) compliance.
Installation and monitoring of network and host-based IDS and firewalls such as Cisco PIX\ASA firewalls, HBSS, Snort or other similar technologies.
Minimum Position Specific Training Required:
Must maintain DoD 8570.1 certification requirements for IAT-II
Requires documented training in one of the following areas, network infrastructure (Cisco), Microsoft Windows, Linux OS
VMware training desirable.
Host Based Security System (HBSS) Training Certification of Completion.
Citizenship and Security Clearance Requirements
Must possess and maintain an active DoD Security clearance with SSBI
This position has been designated as a Cyber IT/Cybersecurity Workforce position in specialty area 61 and as a condition of employment incumbents of the position are required to comply with the DON Cyber IT/CSWF Program requirements of SECNAV M-5239.2, which include:
Earn and maintain appropriate credentials from the Cyber IT/CSWF Qualification Matrix (described in SECNAV M-5239.2) associated with the specialty area and level commensurate with the scope of major assigned duties for the position to which you are assigned, and;
Participate in a continuous learning program as described in SECNAVINST 1543.2. A minimum of 40 hours of Cyber IT/CSWF related continuous learning annually documented in a current individual development plan signed by both the employee and supervisor.
Experience with creation and/or management of RMF Packages
Experience with Accreditation package management in eMASS
Possession of excellent customer service and organization skills
Possession of excellent oral and written communication skills
What We Offer
When you join AECOM, you become part of a company that is
pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions
inclusion, diversity and overall
employee well-being through programs supported by company leadership. Our
core values define who we are, how we act and what we aspire to, which comes down to not only
delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Information Technology
Business Line Management Services
Business Group Management Services Group (MS)
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 223185BR
Clearance Required Yes
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.