2019-08-07
AECOM (www.aecom.com)
Other
/yr
full-time
employee
Aiken
South Carolina
United States
United States of America - South Carolina, Aiken
Job Summary
Savannah River Remediation, an LLC of AECOM, is seeking a Senior Cyber Security Specialist to be based in our Aiken, SC location on the Savannah River Site.
The Senior Cyber Security Specialist conducts network or software vulnerability assessments and penetration testing for the organization, as established by the Department of Energy (DOE) orders and policies on Cyber Security. Isolates, blocks or removes threat access. Evaluates system security configurations. Performs data analysis on network and log monitoring information. Designs and administers
cyber user awareness programs. Performs risk assessment on new or modified systems and networks. Provides appropriate documentation to adhere to relevant regulations and achieve organization objectives.
Under minimal direction, performs assessments of systems and networks within the networking environment or enclave and identifies systems and networks that deviate from acceptable configurations, enclave policy, or local policy.
Evaluates incident response procedures and capabilities.
With concurrence from lead or manager, exploits system and network vulnerabilities and misconfigurations for purposes of gathering data from target or adversary automated information systems or networks and to enable operations and intelligence collection capabilities.
Supports the Cyber Security user awareness program.
Under appropriate direction, leverages computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks.
Performs analysis of data obtained through network security monitoring and log monitoring of systems, evaluates against provided data sources and threat intelligence feeds, and identifies potential issues for further investigation.
With limited guidance, develops and maintains Certification and Accreditation package in a DOE cyber security environment including development of System Security Plan, System Test and Evaluation Document, Security Controls Deviations, and Disaster Recovery Plan.
Without assistance, performs and documents risk assessments on new equipment, hardware, current environment.
Utilizing knowledge of a federally regulated environment and support from lead, develops and evaluates procedures necessary to implement cyber requirements.
Other duties as assigned.
Minimum Requirements
Bachelor's degree in computer science, information technology or equivalent field and 5+ years of experience working in an information technology field with an emphasis in security
Individuals not possessing a four-year degree may qualify with an additional 4 years of related education and/or experience.
Due to the nature of the work, the candidate must be a US Citizen
Preferred Qualifications
Experience working in a DOE or federally regulated environment
Experience using Nessus and other tools for scanning and monitoring systems and networks
Contributed to the development and maintenance of an Accreditation Package in a DOE environment
Knowledgeable on FIPS 199, NIST 800-53, NIST 800-53a, NIST 800-70, NIST 800-37 (and other NIST guidance documentation)
Experience using the following types of software: security scanning, penetration testing, patch management, and configuration management.
International Information System Security Certification Consortium certification (ISC)2, Certified Information Security System Professional (CISSP)
What We Offer
When you join AECOM, you become part of a company that is
pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions
inclusion, diversity and overall
employee well-being through programs supported by company leadership. Our
core values define who we are, how we act and what we aspire to, which comes down to not only
delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Information Technology
Business Line Management Services
Business Group Management Services Group (MS)
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 219492BR
Clearance Required No
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.