Cyber Security Specialist Job at AECOM, Glen Allen, VA

  • Glen Allen, VA

Job Description

**Company Description**

**Work with Us. Change the World.**

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the worlds most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

**Job Description**

**AECOM** is seeking a Cyber Security Specialist based out of our Glen Allen, VA office to support current Energy Utility cybersecurity implementation program and our growing Security & Communications Technology Group within the US East region.

The ideal candidate will work onsite at a variety of client locations in Virginia and potentially other areas, as well as our office in Glen Allen, VA. As we align to the global strategy, overall regional growth strategy and focus on key clients in the region, this role will improve the contributions of the security and communications technology services team for the region (i.e., revenue, margin, net promotor score).

The Cyber Security Specialist will have the opportunity to support multiple projects across multiple business lines and will be afforded exposure to high profile projects sites throughout the AECOM Digital Technology client base. The Cyber Security Specialist in this role will report to the Cyber Security Project Manager.

The job responsibilities for this position will include, but are not limited to:

+ Work on-site and in office with system engineers and other domain experts in variety of cybersecurity roles including assessment, engineering/design, implementation, verification, compliance oversight, and research.

+ Work with internal and external engineering teams to build cybersecurity awareness and understanding.

+ Engage in ongoing learning and information sharing efforts with other cybersecurity personnel at AECOM to grow the teams knowledge base and capabilities.

+ Support technical project work in other areas of digital technology as needed.

+ Current project needs require the ability to perform all the following tasks with minimal guidance:

+ Analyze Windows-based systems, networks, and interfaces for compliance with generalized standards and re-configure as required to meet cybersecurity requirements

+ Validate external logical and physical connections

+ Map on-site topology and validate that engineering drawings match actual implementation of hardware and software

+ Create hardware and software inventories

+ Identify non-essential and vulnerable software

+ Verify that logging capabilities are active and working; activate capabilities as required

+ Identify remote access tools and configurations

+ Review software and equipment for lifecycle management parameters; develop temporary mitigation and upgrade plans as required

+ Verify malware prevention presence and configuration

+ Apply patches and upgrades as required (to OS, software, firmware) in ICS environments and coordinate with engineering staff and supervisors to ensure processes are not disturbed or disturbances are planned/minimized

+ Credential management analysis (e.g. checking for password strength across systems and change frequency policies/records). Document findings and activities performed thoroughly per specific client and facility needs.

+ Works under broad supervision.

+ May take on several components of a project.

+ Provides direction for team members.

+ Plans and manages implementation and integration of new technologies.

+ Troubleshoots problems of medium complexity and recommends appropriate action.

+ Project size could range from low to medium complexity.

+ Acts as a mentor to less senior IT staff.



+ BA/BS in Information Technology, Security, or related field + 4 years of related experience or demonstrated equivalency of experience and/or education

+ Valid U.S Drivers License and as a condition of employment, must pass AECOMs Motor Vehicle Records Review

+ Due to the nature of work, U.S. Citizenship is required for this position.

+ This role requires travel on a weekly basis within Virginia combined with office work processing data collected in the field.

+ Ability to travel on a weekly basis within Virginiaand the continental US up to 75%

+ As a condition of employment, candidates must pass a drug screening.


+ Master's Degree in Information Technology, Security, or related field from ABET accredited college or university

+ 5+ years of relevant experience in networks and cybersecurity related configuration elements & hardware

+ Experience in industrial settings with industrial control systems, is very beneficial in this role.

+ Intermediate degree of technical skill in both Windows and Linux operating environments, with a strong ability to research and identify ways to accomplish required tasks

+ Strong understanding of networks and cybersecurity related configuration elements / hardware. Ability to understand, modify and apply basic scripts Strong desire to continue learning and practicing/developing technical, hands-on skills

+ Familiarity with industry cybersecurity standards and best practices (e.g., NIST 800 series). Adapts to changes, proposals, and feedback. Works in a fast-paced environment and supports multiple concurrent projects

+ Strong sense of confidentiality regarding the data and understands business limiters to ensure high value return

+ Cybersecurity community involvement (e.g. a portfolio of programming/scripting projects, cybersecurity related write-ups, blog posts / articles, public presentation videos or guides, etc.)

+ Understanding of Operating Systems: MS Windows, MacOS, Kali Linux, Ubuntu, Programming Languages: Python, C, HTML, CSS, Software: Oracle VirtualBox, VMWare

+ Hands-On Professional Penetration Testing Certifications (eCPPT, PNPT, or OSCP), Industrial Control System Cybersecurity Certifications (CSSA, GICSP, GCIP, or GRID)

+ Direct experience with, or working knowledge of: Security Information and Event Management (SIEM), Open-Source Intelligence (OSINT), NMap network scan, Network packet analysis, Reverse Engineering (Ghidra), Web vulnerability scanning, Utility and power generation, Operational Technology (OT)

+ Both IT and OT networking equipment, with Industrial Control Systems (ICS), Distributive Control Systems (DCS), Programmable Logic Controllers (PLCs), Instrumentation and Control Engineering (ICE), Supervisory Control and Data Acquisition (SCADA), North American Electric Reliability Corporation - Critical Infrastructure Protection (NERC-CIP)

**Additional Information**

+ Sponsorship for US employment authorization is not available now or in the future for this position.

+ Relocation is not available for this position.

+ At management discretion will drive company vehicle on behalf of AECOM


Offered compensation will be based on location and individual qualifications. The expected range is $75,000.00 - $100,000.00.

**About AECOM**

AECOM is proud to offer a comprehensive benefits program to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absence, voluntary benefits, perks, U.S. and global well-being programs, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.

AECOM is the worlds trusted infrastructure consulting firm, delivering professional services throughout the project lifecycle from advisory, planning, design and engineering to program and construction management. On projects spanning transportation, buildings, water, new energy and the environment, our public- and private-sector clients trust us to solve their most complex challenges. Our teams are driven by a common purpose to deliver a better world through our unrivaled technical and digital expertise, a culture of equity, diversity and inclusion, and a commitment to environmental, social and governance priorities. AECOM is a Fortune 500 firm and its Professional Services business had revenue of $14.4 billion in fiscal year 2023. See how we are delivering sustainable legacies for generations to come at and @AECOM.

**Freedom to Grow in a World of Opportunity**

You will have the flexibility you need to do your best work with hybrid work options. Whether youre working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. Were the worlds trusted global infrastructure firm, and were in this together your growth and success are ours too.

Join us, and youll get all the benefits of being a part of a global, publicly traded firm access to industry-leading technology and thinking and transformational work with big impact and work flexibility. As an Equal Opportunity Employer, we believe in each persons potential, and well help you reach yours.

All your information will be kept confidential according to EEO guidelines.

**ReqID:** J10110371

**Business Line:** Environment

**Business Group:** DCS

**Strategic Business Unit:** East

**Career Area:** Information Technology

**Work Location Model:** Hybrid

Job Tags

Temporary work, Remote job, Worldwide, Relocation,

Similar Jobs


Restaurant Manager Job at SushiFork

 ...As a Restaurant Manager , you will provide leadership at restaurant level and manage the day-to-day operations of the kitchen operations in the restaurant.The Heart of House team will rely on you for direction and development and come to see you as an example of our... 

Velvet Taco

Restaurant Manager Job at Velvet Taco get a Velvet Taco tattoo, our CEO will pay for it! As a Manager at Velvet Taco , you work within a management team where...  ...everyone assists in overseeing the daily operations of your assigned restaurant. The Managers duties include ensuring effective operations,... 

Arizona Department of Administration

Chief Compliance Officer Job at Arizona Department of Administration

 ...Chief Compliance Officer Job No: 526416 Work Type: Full-time Location: REMOTE OPTIONS, PHOENIX Categories: Executive...  ...qualifications)RideShare and Public Transit Subsidy A variety of learning and career development opportunities By providing the... 

Gray Television

SPORTS PRODUCER - WXIX Job at Gray Television

 ...Job Summary/Description: WXIX-TV, Cincinnati, has an opening for a Sports Producer. The sports producer will produce live sport shows, live sporting events, and digital content as well as research, develop, and produce original sports content. Duties/Responsibilities... 

Duval County Public Schools

Teacher - ESE - Autism Job at Duval County Public Schools

TEACHER STARTING SALARY IS $48,700. Additional Referendum money is available for the next four years starting at $5400 for the 23-24 school year ; teachers hired during the school year will receive a prorated supplement amount based on the date of hire. Job Summary...