Recruitment fraud warning: Click here for more information.

AECOM Careers. Work with us. Change the world. We believe infrastructure has the power to uplift communities and improve people's lives.

Job Information

AECOM Manager, Threat and Vulnerability Management in Los Angeles, California

Job Summary

AECOM is seeking a Manager, Threat and Vulnerability Management to join our Corporate IT/IS team. This position will be remote/virtual and can be based from a variety of locations in North America.

Vulnerability management is a critical focus for AECOM; The Manager of Threat and Vulnerability Management will support and expand AECOM’s Threat and Vulnerability Management capabilities globally. The Manager will work as part of an integrated security team with Security Operations, Security Engineering, and peer stakeholders throughout IT. The Manager will engage directly, ensuring vulnerabilities are detected, prioritized and remediation/mitigation actions are executed. Additionally, the Manager will play a key role in operational reporting & metrics, ultimately ensuring that the vulnerability management program is operating efficiently and reducing risk as intended.


  • Exposure to a broad range of department and/or system analysis

  • Ability to manage individuals and teams while managing the daily operations of the department

  • Maintains knowledge to ensure compliance with Network Operations standards, policies, and procedures.

  • Expert-level understanding of vulnerability management, compliance, SDLC, application assessment, static code analysis, risk assessment, and penetration testing knowledge.

  • Ability to perform duties in a very fast-paced environment and ability to learn new technology quickly

  • Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straightforward, and professional manner

  • Skilled at working in a team environment as well as in cross functional team situations

At AECOM, we’re delivering a better world.

We believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.

Our clients trust us to bring together the best people, ideas, technical expertise and digital solutions to our work in transportation, buildings, water, the environment and new energy. We’re one global team – over 50,000 strong – driven by a common purpose to deliver a better world.

Minimum Requirements

  • BA/BS plus at least 8 years of relevant experience in security operations, vulnerability management, or cyber security risk management, or demonstrated equivalency of experience and/or education

  • 5 or more years of VM experience to include planning, coordinating, developing, performing, and analyzing vulnerability scans, reports, and dashboards using industry standard vulnerability scanning tools.

  • Strong understanding of vulnerability scanning tools to ensure those tools are configured to avoid causing a denial or interruption of service. Strongly prefer recent Qualys experience.

  • Proven analytical skills to assess and troubleshoot vulnerability management issues, identify/remove false positives from assessment results, identify/document threat/vulnerability trends, and recommend/implement compensating controls and or corrective actions.

  • Broad and lengthy technical background with strong understanding of network architectures and, operating systems (e.g. Microsoft-All, Linux-RedHat and AWS Linux), network equipment, web platforms, and databases.

  • Familiar with Patch and Application Management in an ITIL environment.

  • Extensive knowledge with NIST (e.g. SP 800-40v.3, 800-53v.5 and related publications) for Vulnerability Management requirements and guidelines.

  • Experience with CIS Benchmarks and implementation of the same.

Preferred Qualifications

  • Experience integrating cyber threat intelligence, particularly emerging threats and advance persistent threats, with vulnerability management operational processes is highly desirable.

  • Knowledge of or experience with industry-standard secure coding best practices, such as the OWASP Top 10 would be a plus.

  • Familiarity with Risk Sense and Qualys would be a plus.

Additional Information:

  • Sponsorship for US or Canada work authorization is not available for this position

  • Due to the remote nature of this position, relocation assistance is not available.

Offered rate of compensation (Colorado locations only) will be based on individual education, qualifications, experience, and work location. The salary range for this position is $103,000 - $190,000.

AECOM is proud to offer a comprehensive benefits program to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D and disability benefits, paid time off, leaves of absence, voluntary benefits, perks, wellness and global well-being, and global EAP, Business Travel and Service Awards programs.

What We Offer

We will give you the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed. You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients. We will encourage you to grow and develop your career with us through our technical and professional development programs and diverse career opportunities. We believe in leadership at all levels. No matter where you sit in the organization you can make a lasting impact on the projects you work on, the teams and committees you join and our business. We offer competitive pay and benefits, well-being programs to support you and your family, and the development resources you need to advance your career. When you join us, you will connect and collaborate with a global network of experts – planners, designers, engineers, scientists, consultants, program and construction managers – leading the change toward a more sustainable and equitable future. Join us and let’s get started. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Job Category Information Technology

Business Line Corporate

Business Group Corporate

Country United States of America

Position Status Full Time

Requisition/Vacancy No. 271163BR

Additional Locations CA - Edmonton, AB - 18817 Stony Plain Rd NW, CA - Toronto, ON - 1200 Markham Road, US - Atlanta, GA - 1360 Peachtree St NE, US - Boston, MA - One Federal St, US - Chicago, IL - 303 E Wacker Drive, US - Dallas, TX - 13355 Noel Road, US - Denver, CO - 7595 East Technology Way, US - Los Angeles, CA - 300 S Grand Ave, US - Raleigh, NC - 5438 Wade Park Boulevard, Suite 200, US - Seattle, WA - 1111 3rd Avenue, US - Tampa, FL - 7650 W Courtney Campbell Causeway

Virtual: Yes

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.