AECOM Sr. Analyst, Cyber Security Operations Center (CSOC) in Los Angeles, California
United States of America - Washington, Seattle
AECOM is seeking a Sr. Security Operations Analyst to become a member of our Global Cyber Security Operations Centre (CSOC). This candidate will be an integral part of a high performing team providing triage and response services as part of a “follow the sun” model. He/she will be responsible for partnering with members of IT across the globe for incident analysis, containment and remediation. A qualified candidate should have a broad level of experience in multiple IT and Cyber Security domains, including awareness of current security risks, threats and targeted attack methods and TTPs. The candidate should have experience with technical investigations using contemporary SIEM and EDR technology.
This will be a remote/telecommute position that can be based from anywhere in the United States.
MAJOR TASKS AND RESPONSIBILITIES MAY INCLUDE:
Develop tactics, techniques, and procedures to improve the characterization of malware
Collaborate with members of the intel community to characterize adversarial nation-state behavior
Improve processes for identifying domestic threats in cyberspace
Engineer methods for tracking the development status of new capabilities
Develop and maintain SIEM content and reporting
Take part in projects as a subject matter expert and service owner
Provide investigative support to the CSOC
Manage and maintain playbooks and runbooks; make recommendations for improvements
Analyze phishing emails submitted for review
Monitor and analyze alerts from various sources in the incident queue
Identify false positives and create appropriate exceptions
Identify and analyze systems exhibiting suspicious or malicious behavior
Collect and analyze volatile forensic data to confirm or rule out malicious or attacker activity
Document and research malicious emails from phishing review and provide data for cleanup and email purge to the appropriate email teams.
Create and edit granular email filter rules to catch current phishing/malware campaigns
Document Indicators of Compromise (IOCs) in threat intelligence database
Perform threat & malware analysis and research
Perform containment during incident response
Follow up and determine root cause of incidents
Produce written reports to management after large scale incidents
Provide recommendations post-incident to mitigate failed security controls
Contribute to procedural methods and documentation
Mentoring and knowledge sharing with local and global CSOC team members
Level specific responsibilities:
Works under minimal supervision.
Has system-wide responsibility on complex projects and components.
Provides direction for projects.
Solves medium to highly technical, complex problems on multiple projects, and provides consultative support to internal staff.
Assists with the transfer of knowledge of technical skills.
Project size could range from medium to high complexity.
Viewed as a subject matter expert within the organization.
Acts as a mentor to less senior IT staff.
KNOWLEDGE, SKILLS, ABILITIES, AND COMPETENCIES
Excellent oral/written communication skills (in English).
Strong analytical and problem-solving skills.
Strong interpersonal and customer service skills
Able to work well on a virtual team without close supervision
Solid understanding of malware, static and dynamic analysis and removal (detecting, persistence mechanism, network communication, etc.)
Basic understanding of email headers
Familiar with general IT security best practices and controls
Familiar with various infrastructure components, and how they interact
At AECOM, we believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
We take on the most complex challenges and pioneer innovative, iconic solutions that push the limits of what’s possible – the world’s longest cable-stayed bridge, record-breaking sports events, the largest greenfield port development mega project, life-sustaining and disaster recovery programs, and the tallest tower in the Western Hemisphere.
On projects spanning transportation, buildings, water, governments, energy and the environment, we deliver professional services throughout the project lifecycle.
We are proud to be recognized for excellence:
Fortune’s World’s Most Admired Companies – 2014-2020
#1 in Transportation and General Building in Engineering-News Record's 2019 “Top 500 Design Firms” and #1 2019 “Top 200 Environmental Firms”
VIQTORY 2020 Military Friendly® Gold Employer
Perfect score on the Human Rights Campaign Foundation's Corporate Equality Index for 2017-2019
Bachelor’s Degree in Cyber Security, Computer Science or similar field plus 6 years of relevant information security / cyber security experience, or demonstrated equivalency of experience and/or education.
Must be fluent in the English language
Experience working with a global company and team
Current security industry certifications preferred (GCFA, GCFE, GREM, GIAC, ISC2, EC-Council, etc.)
Solid understanding of the Windows operating system, registry, security configurations, services, processes and WMI
Experience with built-in OS shell commands and 3rd party command line tools
Familiarity with Linux/Unix systems
Experience with cloud computing
Strong understanding of security and network event logs
Experience with tools used for IP/host/binary research
Strong scripting or application development skills preferred
Experience with host-based forensics is preferred
Experience on a SOC highly preferred
What We Offer
When you join AECOM, you become part of a company that is pioneering the future. Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world, but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Information Technology
Business Line Corporate
Business Group Corporate
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 246382BR
Additional Locations US - Atlanta, GA - 1360 Peachtree St NE, US - Boston, MA - One Federal St, US - Chicago, IL - 303 E Wacker Drive, US - Denver, CO - 7595 East Technology Way, US - Glen Allen, VA - 4840 Cox Road, US - Houston, TX - 19219 Katy Freeway, US - Los Angeles, CA - 300 S Grand Ave, US - New York, NY - 125 Broad Street
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.