IT Security Analyst
Position Title IT Security Analyst
Job Category Information Technology
Business Line Government
Country United States of America
State/Province/Region USA - Washington, D.C.
Why Choose AECOM? AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public- and private-sector clients. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the #1 engineering design firm by revenue in Engineering News-Record magazine’s annual industry rankings, and has been recognized by Fortune magazine as a World’s Most Admired Company. The firm is a leader in all of the key markets that it serves, including transportation, facilities, environmental, energy, oil and gas, water, high-rise buildings and government. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects. A Fortune 500 firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion. More information on AECOM and its services can be found at www.aecom.com.
About the Business Line
AECOM works with national and local governments around the world to manage and support critical programs in the areas of defense, security and intelligence; energy and climate change; environmental cleanup and waste management; infrastructure development, protection and resilience; and international development. Our global operations and connected expertise enable us to provide cutting-edge, relevant and cost-effective solutions that help our clients safeguard and enrich society and the world we live in.
AECOM is actively seeking a motivated, career and customer oriented information security analyst to join our team in Washington, DC to begin an exciting and challenging career with AECOM . The position will be located in Washington DC, across from the L'Enfant Plaza Metro.
Essential Responsibilities: Please list what the candidate will be doing in this position
The selected candidate will provide Information System Security Officer (ISSO) support for multiple major Federal IT application and Information systems. They will be responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Management Act (FISMA) requirements. As a member of the Security Team, the candidate will lead the review of technical, management and operational Security Controls in accordance with DHS to ensure the completeness and effectiveness of the IT system's information technology and security solutions.
- Experience guiding a system through full ATO (Authority to Operate) lifecycle
- Experience writing security plans and contingency plans and all ATO artifacts
- Experience analyzing security scan reports
- Experience creating, managing, and completing Plans of Action & Milestones (POA&Ms)
- Experience analyzing system audit logs
- Ensure configuration management is appropriate for all Information Systems (IS) software and hardware, including that change control requirements are documented and tracked
- Ensure security logs and audit trails are reviewed in accordance with established schedules
- Conduct periodic reviews of Privileged user accounts (Developer, Admin, etc.)
The candidate will be responsible for ensuring that Certification and Accreditations (C&A) / Assessment and Authorization (A&A) documents, Plan of Action and Milestones (POA&M) and artifacts are maintained and updated in accordance with DHS policy. The candidate will participate in the DHS change, configuration, and release management process to ensure an appropriate security level is in the systems lifecycles. As a technical expert in the security field, the candidate will be relied upon to ensure that senior management is kept apprised of all pertinent security systems issues. They will also be responsible for the operation of a security monitoring and auditing solutions.
Skills, product knowledge:
- Must have experience with analyzing security scan reports
- Must demonstrate a complete understanding of Information Security Administration principles, concepts, practices, and standards as well as a complete understanding of network devices, TCP/IP and related Internet protocols.
Should possess leadership skills including organizing, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
- Requires Minimum Active Top Secret Clearance with SCI eligible.....DHS EOD strongly preferred
- Bachelor's degree and 10 years of related subject matter experience or combination of education, certifications and specialized industry experience (subject to the Government Contracting Officer granting a waiver). Experience should include systems certification and accreditation (C&A). A minimum of one year C&A experience in a classified environment as well as a minimum of one year experience with FISMA compliance is also required.
- Requires excellent oral and written communications skills; a self-motivated problem solver with the ability to learn quickly; ability to establish and maintain a strong customer focused working relationship.
- Must be able to obtain/maintain DHS-EOD clearance.
Travel: 10%, Remote Work Authorized: 20% - 40%.
Certifications: (minimum (1) active required)
- ISC2 Certified Information Systems Security Professional (CISSP) or CISSP-ISSMP, ISSAP or ISSEP
- Certification and Accreditation Professional (CAP)
- Certified Ethical Hacker (CEH)
- C&A experience with classified networks is highly desired
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.
AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, please click here at http://www.aecom.com/content/wp-content/uploads/2016/01/EEO-is-the-Law-poster-supplement.pdf to view the EEO Is The Law poster.
NOTICE TO THIRD PARTY AGENCIES:
Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.
Company Type: Public Company
Company Size: 10,001+