AECOM Security Spec - JY in Fort Hood, Texas

United States of America - Texas, Fort Hood

Job Summary

Monitors information system activity and conducts assessments of systems and networks within the assigned networking environment. Identify where systems/networks deviate from acceptable configurations, enclave policy, or local policy.

Essential Responsibilities:

  1. Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.

  2. Collect and review audit data of network activity to support technical analysis relating to misuse, penetration reconstruction, or other security investigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the manager.

  3. Performs analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.

  4. Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.

  5. Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance.

  6. Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.

  7. Conduct vulnerability scanning for new information system deployment or systems to support training events or testing. Ensure new information systems are configured in accordance with current DISA STIG’s and DoD/DoN Directives.

  8. Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the Cybersecurity Manager.

  9. Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.

  10. Assist the manager with the development of the IA related Procedures, and Work Instructions.

Perform all other position related duties as assigned or requested.

Work Environment, Physical Demands, and Mental Demands:

While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or fee; and talk or hear. The employee frequently is required to walk; reach with hands and arms; and stoop, kneel, crouch, or crawl. The employee is occasionally required to sit, climb or balance, and taste or smell. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, and ability to adjust focus. While performing the duties of this job, the employee is frequently exposed to moving mechanical parts and extreme heat. The employee is regularly exposed to wet and/or humid conditions; high, precarious places; fumes or airborne particles; outside weather conditions; extreme cold; and risk of electrical shock. The noise level in the work environment is usually loud, or may include unsafe conditions, questioning nonstandard operations or environmental factors that may involve unmitigated hazards, and providing feedback to supervisors and managers on all safety issues. Position may require the ability to pass and maintain a Security Clearance. Position may require travel.

Safety - AECOM enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.

Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the AECOM Quality Policy and carry out job activities in compliance with applicable AECOM Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities.

Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job.

Minimum Requirements

Bachelor’s Degree in Information Technology, Computer Science or related field, or equivalent combination of formal/technical/military training and experience. Possess two years? experience in IT/IA working environment. Possess progressive work experience in the areas of Information System Security, System/Network Administration and IT System Implementation and Maintenance.

Additional requirements include:

  • Must maintain DoD 8570.1 certification requirements for IAT-II.

  • Requires documented training in the following areas, network infrastructure (Cisco), Microsoft Windows.

  • VMware training desirable.

  • Host Based Security System (HBSS) Training Certification of Completion.

  • Position requires ability and commitment to provide coverage outside normal working hours or shifts in daily hours.

  • Possess a current Security Clearance and a valid state issued driver’s license.

Hands on experience in the following areas:

  • Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.

  • Working knowledge in securing Networks and Operating Systems to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) -standards including Windows and Linux Servers and Workstations.

  • Conducting Network Vulnerability Scanning and Vulnerability Assessment.

  • Information systems patch management and Information Assurance Vulnerability Alerts (IAVA) compliance.

  • Installation and monitoring of network and host-based IDS and firewalls such as Cisco PIXfirewalls, HBSS, Snort or other similar technologies.

Additional requirements:

Must be a U.S. Citizenship.

Must be able to obtain and maintain a government Common Access Card (CAC).

Must pass a pre-employment drug-screen and a government background check.

Candidates must be able to read, write, speak and understand English.

Preferred Qualifications

N/A

What We Offer

When you join AECOM, you become part of a company that is pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Job Category Maintenance

Business Line Management Services

Business Group Management Services Group (MS)

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 204232BR

Clearance Required No

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.