Cyber Security Specialist I - Military veterans preferred

2019-12-15
AECOM (www.aecom.com)
Other

/yr

  full-time   employee


Germantown
Maryland
United States

United States of America - Maryland, Germantown

Job Summary

The Information Assurance/Cyber Security Assistant will have a working knowledge of system functions, security policies, technical security safeguards and operational security measures and develop procedures for responding to security incidents, and for investigating and reporting security violations and incidents to the Information Assurance Manager (IAM) and (Program Security Officer) PSO.

As a Cyber Security Specialist for Management Services, you will protect government data and systems using sophisticated tools, instrumentation, and knowledge of Department of Defense, Intelligence Community, and Department of Energy Information Technology (IT) and tradecraft to monitor, evaluate, and manage IT risk. You will identify current threats, mitigate vulnerabilities, and anticipate future cybersecurity challenges. Utilizing new technologies, you will increase the security of our existing and emerging IT systems. You will ensure the development, deployment, operations, implementation and support of component information systems that are consistent with cyber security policies and procedures associated with our clients IT requirements. You will also have leadership opportunities to supervise and manage employees, develop and manage a budget according to established strategic priorities, and represent your program area to Management Services leadership.

Essential Responsibilities:

1) Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.

2) Ensure all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access to the IS.

3) Initiate with the approval of the IAM (Information Assurance Manager) and Security Officer, protective or corrective measures when a security incident or vulnerability is discovered.

4) Develop and maintain all SSP (System Security Plan)s/(System Security Authorization Agreement) SSAAs.

5) Ensure configuration ware, hardware, and management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented.

6) Ensure that system recovery processes are monitored to ensure that security features and procedures are properly restored.

7) Ensure all IS security-related documentation is current and accessible to properly authorized individuals.

8) Formally notify the IAM/PSO when a system no longer processes information.

9) Formally notify the IAM/PSO when changes occur that might affect accreditation.

10) Ensure that system security requirements are addressed during all phases of the system life cycle.

11) Follow procedures developed by the ISSM (Information System Security Manager)/(Program Security Officer)PSO, authorizing software, hardware, and firmware use before implementation on systems.

12) Position may require travel.

As a Cyber Security Specialist you will do the following work to support customers within the organization[RPJ1] :

Analyze existing and future systems across Management Services, review security architectures, and develop engineering solutions that integrate information security requirements to proactively protect our client’s information.

Perform audit and security compliance checks, including network penetration testing, vulnerability scans, and other configuration analysis.

Implement and support network defense, identification/authentication/access control, data protection mechanisms, and data transfer mechanisms

Manage and monitor Stand-alone and networked IT systems within a Sensitive Compartmented Information Facility (SCIF)

Review and validate security documentation, including the system security requirements definition and System Security Plans

Implement security designs in hardware, software, data and procedures

Provide guidance to Management Services on government information security policies and regulations to address impact on Management Services operations.Perform all other position related duties as assigned or requested.

Minimum Position Knowledge, Skills, and Abilities Required:

Knowledgeable of DoD 8510.01 Department of Defense Instruction Number 8510.01 Dated March 12. 2014. Subject: Risk Management Framework (RMF) of DoD Information Technology (IT) and DISAI 630-230-19 Information Assurance. Knowledge and application of 700 Series of the Intelligence Community Directives (ICD)[RPJ2] . AA or BS Degree in Information Assurance, Cyber Security, Incident Response, Security Management, or discipline directly related to Cyber Security; or five (5) years specialized experience. Requires an active Top Secret Security Clearance from Day One. U.S. Citizenship Required.

Qualification

US citizenship required. All positions require relocation to the Washington, DC metro area.

Minimum Requirements

MINIMUM QUALIFICATIONS:

Bachelor's degree in one of the following fields or related studies:

Information Assurance

Cyber Security

Computer Science

Computer Engineering

Other related engineering fields

Or, relevant verifiable work experience

GPA of at least 3.0 on a 4-point scale is preferred, but exceptions may be made for extenuating circumstances

Excellent verbal and written communication skills

Strong commitment to continuous learning

Ability to work both independently and in a team environment

DESIRED QUALIFICATIONS:

Track record of progressively responsible cyber experience in one or more of the following information security areas:

Networks, operating system, application-layer, and cloud security expertise

System evaluations

System Security Plans and Policy development

Security operations/network monitoring

Security information management/security event management

Network mapping

Vulnerability scanners, firewalls, routers and other security tools

Risk Management Framework

Professional certifications

ALL APPLICANTS MUST BE ELIGIBLE TO COMPLETE:

A thorough medical and psychological exam

A polygraph interview

A comprehensive background investigationApplicants must generally not have used illegal drugs within the last 12 months. The issue of illegal drug use prior to 12 months ago is carefully evaluated during the medical and security processing

Preferred Qualifications

MINIMUM QUALIFICATIONS:

Bachelor's degree in one of the following fields or related studies:

Information Assurance

Cyber Security

Computer Science

Computer Engineering

Other related engineering fields

Or, relevant verifiable work experience

GPA of at least 3.0 on a 4-point scale is preferred, but exceptions may be made for extenuating circumstances

Excellent verbal and written communication skills

Strong commitment to continuous learning

Ability to work both independently and in a team environment

DESIRED QUALIFICATIONS:

Track record of progressively responsible cyber experience in one or more of the following information security areas:

Networks, operating system, application-layer, and cloud security expertise

System evaluations

System Security Plans and Policy development

Security operations/network monitoring

Security information management/security event management

Network mapping

Vulnerability scanners, firewalls, routers and other security tools

Risk Management Framework

Professional certifications

ALL APPLICANTS MUST BE ELIGIBLE TO COMPLETE

A thorough medical and psychological exam

A polygraph interview

A comprehensive background investigationApplicants must generally not have used illegal drugs within the last 12 months. The issue of illegal drug use prior to 12 months ago is carefully evaluated during the medical and security processing

What We Offer

When you join AECOM, you become part of a company that is

pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions

inclusion, diversity and overall

employee well-being through programs supported by company leadership. Our

core values define who we are, how we act and what we aspire to, which comes down to not only

delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Job Category Security / Force Protection

Business Line Management Services

Business Group Management Services Group (MS)

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 229374BR

Clearance Required Yes

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.