AECOM Cybersecurity Analyst II in Yuma, Arizona

Business Line Government

Position Title Cybersecurity Analyst II

United States of America - Arizona

Yuma

Job Summary

Purpose and Scope:

Provide cyber network operations support an analysis of Navy’s Combined Tactical Training Network, focusing on the South West region

Essential Responsibilities:

  • Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.

  • Collect and review audit data of network activity to support technical analysis relating to misuse, penetration reconstruction, or other security investigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the Cybersecurity Manager.

  • Performs analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.

  • Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.

  • Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the Cybersecurity Manager.

  • Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.

  • Conduct vulnerability scanning for new information system deployment or systems temporary connected to CTTR enclaves to support training events or testing. Ensure new information systems are configured in accordance with current DISA STIG’s and DoD/DoN Directives.

  • Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the Cybersecurity Manager.

  • Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.

  • Assist the Cybersecurity Manager with the development of the IA related Procedures, and Work Instructions.

  • Attend IA security training as required to maintain and gain knowledge and skills of current IA issues.

  • Supports the Computer Systems Analyst to determine limitations of existing systems and performs duties as alternate Systems Administrator.

  • Position requires ability and commitment to provide coverage outside normal working hours or shifts in daily hours, as warranted, not to interfere with Range Operations.

  • Documents maintenance actions in IEMS.

Minimum Requirements

Minimum Position Knowledge, Skills, and Abilities Required:

Requires Bachelor’s Degree in an Information Technology related discipline (engineering, computer science, information systems, etc) and 2 years of IT/IA experience or at least 6 years of experience in lieu of degree in a combination of IA Training, IT Certification and progressive work experience in the areas of

Information System Security

System/Network Administration

IT System Implementation and Maintenance

Minimum Experience Requirements:

Hands on experience in the following areas:

Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.

Installation, maintenance and administration of information systems to include Windows and Linux desktops and servers.

Working knowledge in securing Networks and Operating Systems to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) standards including Windows and Linux Servers and Workstations.

Conducting Network Vulnerability Scanning and Vulnerability Assessment,

Information system security monitoring and security event correlation.

Information systems patch management and Information Assurance Vulnerability Alerts (IAVA) compliance.

Installation and monitoring of network and host-based IDS and firewalls such as Cisco PIX\ASA firewalls, HBSS, Snort or other similar technologies.

Minimum Position Specific Training Required:

Must maintain DoD 8570.1 certification requirements for IAT-II

Requires documented training in one of the following areas, network infrastructure (Cisco), Microsoft Windows, Linux OS

VMware training desirable.

Host Based Security System (HBSS) Training Certification of Completion.

Must possess and maintain an active DoD security clearance with SSB

Must possess a valid state Driver's License

Preferred Qualifications

  • Experience with creation and/or management of RMF Packages

  • Experience with Accreditation package management in eMASS

  • Possession of excellent customer service and organization skills

  • Possession of excellent oral and written communication skills

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow. AECOM is an Equal Opportunity Employer.

At AECOM, employee's safety and security are our top Safeguarding core value. All employees are expected to set the highest level of safety expectation in their work, display the highest level of safe behavior, and actively participate in AECOM's Safety For Life Program. SH&E is a part of our company culture and participation is required for all employees.

NOTICE TO THIRD PARTY AGENCIES: Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.

Job Category Information Technology

Business Group Management Services Group (MS)

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 193442BR

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.