AECOM Cybersecurity Analyst II in Virginia Beach, Virginia
Business Line Government
Position Title Cybersecurity Analyst II
United States of America - Virginia
Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.
Collect and review audit data of network activity to support technical analysis relating to misuse, penetration reconstruction, or other security investigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the Cybersecurity Manager.
Performs analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.
Conduct network security vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.
Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the Cybersecurity Manager.
Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
Conduct vulnerability scanning for new information system deployment or systems temporary connected to CTTR enclaves to support training events or testing. Ensure new information systems are configured in accordance with current DISA STIG’s and DoD/DoN Directives.
Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the Cybersecurity Manager.
Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.
Assist the Cybersecurity Manager with development of the IA related Procedures, and Work Instructions.
Attend IA security training as required to maintain and gain knowledge and skills of current IA issues.
Support Computer System Analyst to determine limitations of existing systems and perform duties as alternate System Administrator.
Position requires ability and commitment to provide coverage outside normal working hours or shifts in daily hours, as warranted, not to interfere with Range Operations.
Documents maintenance actions in IEMS.
Work Environment, Physical Demands, and Mental Demands:
Perform duties at a variety of contract related facilities or locations including offices, mission control rooms, labs, and remote field sites. Duties involve no unusual hazards, occasional lifting to 20 pounds, constant sitting and use of a computer terminal, constant use of sight abilities while writing, reviewing, and editing documents, constant use of speech/hearing abilities for communication, and constant mental alertness.
Requires Bachelors Degree in an Information Technology related discipline (engineering, computer science, information systems, etc) and 2 years of IT/CS experience or at least 6 years of experience in lieu of degree in a combination of IA Training, IT Certification and progressive work experience in the areas of
Information System Security
IT System Implementation and Maintenance
Minimum Experience Requirements
Hands on experience in the following areas:
Maintaining Network Auditing systems to detect, track, and report malicious computer-related activities and incidents.
Installation, maintenance and administration of information systems to include Windows and Linux desktops and servers.
Working knowledge in securing Networks and Operating Systems to Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) standards including Windows and Linux Servers and Workstations.
Conducting Network Vulnerability Scanning, Assessment and reports.
Information system security monitoring and security event correlation.
Review and report on Information Systems patch management and Information Assurance Vulnerability Alerts (IAVA) compliance.
Installation and monitoring of network and host-based IDS and firewalls such as Cisco PIX\ASA firewalls, HBSS, Snort or other similar technologies.
Minimum Position Specific Training Required
Must maintain DoD 8570.1 certification requirements for IAT-II.
Requires documented training in one of the following areas, network infrastructure (Cisco), Microsoft Windows.
VMware training desirable.
Host Based Security System (HBSS) Training Certification of Completion.
DISA Assured Compliance Assessment Solution (ACAS) certification
Must maintain DoD 8570.1 certification requirements for IAT-II
Must possess a valid state Driver’s License.
Must possess and maintain an Active DoD Secret Clearance.
What We Offer
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.
AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, please click here to view the EEO Is The Law poster.
Job Category Information Technology
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 180943BR
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.