AECOM Cybersecurity Analyst in Fallon, Nevada
Business Line Government
Position Title Cybersecurity Analyst
United States of America - Nevada
Member of a geographically dispersed Cybersecurity team responsible for the security of systems supporting an unclassified and classified Wide Area Network infrastructure.
Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.
Securing Networks and Operating Systems (Cisco, Windows, Linux) to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) standards
Conducting Network Vulnerability Scanning and Vulnerability Assessment
Information Systems Patch Management and Information Assurance Vulnerability Alerts (IAVA) compliance.
Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.
Performs analysis to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.
Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.
Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance.
Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
Conduct vulnerability scanning for new information system deployment or systems temporary connected to support training events or testing.
Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed.
Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.
Assist the Cybersecurity Manager with the development of the IA related Procedures, and Work Instructions.
Requires Bachelor’s Degree in an Information Technology related discipline (computer science, information system management, etc) and 2 years of IT/IA experience. In lieu of degree at least 6 years equivalent combination of training and experience in the areas of:
Information System Security
Evaluating information security principles, DISA STIGs and C&A process
Network Security Auditing
Event log tracking and review
Host Based Security System (HBSS) Administration
Assured Compliance Assessment Solution (ACAS) Administration
DoD Certification and Accreditation
Risk Management Framework
Minimum Position Requirements (Must meet certification and training within six months of date of hire):
Must maintain DoD 8570.1 certification requirements for IAT-II
Requires documented training in Microsoft Windows Server or Cisco Administration
Position requires ability to provide coverage outside normal working hours or shifts in daily hours
Requires an active Secret Security Clearance and ability to pass an SSBI investigation
Requires a valid state issued driver's license.
Cisco networking or Windows OS background experience a bonus.
Change Management Experience
Experience creating, testing and implementing documentation plans
Experience with eMASS certification and accreditation tool
What We Offer
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow. AECOM is an Equal Opportunity Employer.
At AECOM, employee's safety and security are our top Safeguarding core value. All employees are expected to set the highest level of safety expectation in their work, display the highest level of safe behavior, and actively participate in AECOM's Safety For Life Program. SH&E is a part of our company culture and participation is required for all employees.
NOTICE TO THIRD PARTY AGENCIES: Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.
Job Category Information Technology
Business Group Management Services Group (MS)
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 171814BR
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.