AECOM Canada Jobs

Careers
company that is <a href="https://www.aecom.com/without-limits/" target="_blank">pioneering the future </a>. Our teams around t
and administers <a>cyber </a> user awareness prog
leadership. Our <a href="https://www.aecom.com/about-aecom/core-values/" target="_blank">core values </a> define who we are,
down to not only <a href="https://www.aecom.com/about-aecom/corporate-responsibility/" target="_blank">delivering a better world </a>, but working to “ma
e that champions <a href="https://www.aecom.com/careers/diversity-inclusion/" target="_blank">inclusion, diversity </a> and overall <a href="https://wellbeingataecom.com/" target="_blank">employee well-being </a> through programs su

Job Information

AECOM Senior Cyber Security Specialist in Aiken, South Carolina

United States of America - South Carolina, Aiken

Job Summary

Savannah River Remediation, an LLC of AECOM, is seeking a Senior Cyber Security Specialist to be based in our Aiken, SC location on the Savannah River Site.

The Senior Cyber Security Specialist conducts network or software vulnerability assessments and penetration testing for the organization, as established by the Department of Energy (DOE) orders and policies on Cyber Security. Isolates, blocks or removes threat access. Evaluates system security configurations. Performs data analysis on network and log monitoring information. Designs and administers

cyber user awareness programs. Performs risk assessment on new or modified systems and networks. Provides appropriate documentation to adhere to relevant regulations and achieve organization objectives.

  • Under minimal direction, performs assessments of systems and networks within the networking environment or enclave and identifies systems and networks that deviate from acceptable configurations, enclave policy, or local policy.

  • Evaluates incident response procedures and capabilities.

  • With concurrence from lead or manager, exploits system and network vulnerabilities and misconfigurations for purposes of gathering data from target or adversary automated information systems or networks and to enable operations and intelligence collection capabilities.

  • Supports the Cyber Security user awareness program.

  • Under appropriate direction, leverages computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks.

  • Performs analysis of data obtained through network security monitoring and log monitoring of systems, evaluates against provided data sources and threat intelligence feeds, and identifies potential issues for further investigation.

  • With limited guidance, develops and maintains Certification and Accreditation package in a DOE cyber security environment including development of System Security Plan, System Test and Evaluation Document, Security Controls Deviations, and Disaster Recovery Plan.

  • Without assistance, performs and documents risk assessments on new equipment, hardware, current environment.

  • Utilizing knowledge of a federally regulated environment and support from lead, develops and evaluates procedures necessary to implement cyber requirements.

  • Other duties as assigned.

Minimum Requirements

  • Bachelor's degree in computer science, information technology or equivalent field and 5+ years of experience working in an information technology field with an emphasis in security

  • Individuals not possessing a four-year degree may qualify with an additional 4 years of related education and/or experience.

  • Due to the nature of the work, the candidate must be a US Citizen

Preferred Qualifications

  • Experience working in a DOE or federally regulated environment

  • Experience using Nessus and other tools for scanning and monitoring systems and networks

  • Contributed to the development and maintenance of an Accreditation Package in a DOE environment

  • Knowledgeable on FIPS 199, NIST 800-53, NIST 800-53a, NIST 800-70, NIST 800-37 (and other NIST guidance documentation)

  • Experience using the following types of software: security scanning, penetration testing, patch management, and configuration management.

  • International Information System Security Certification Consortium certification (ISC)2, Certified Information Security System Professional (CISSP)

What We Offer

When you join AECOM, you become part of a company that is

pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions

inclusion, diversity and overall

employee well-being through programs supported by company leadership. Our

core values define who we are, how we act and what we aspire to, which comes down to not only

delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Job Category Information Technology

Business Line Management Services

Business Group Management Services Group (MS)

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 219492BR

Clearance Required No

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

EOE including Disability/Protected Veterans
Accessibility/Reasonable Accommodations

DirectEmployers