United States of America - Washington, Seattle
Job Summary
AECOM is seeking a Sr. Security Operations Analyst to become a member of our Global Cyber Security Operations Centre (CSOC). This candidate will be an integral part of a high-performing team providing triage and response services as part of a follow-the-sun model. He/she will be responsible for partnering with members of IT across the globe for incident analysis, containment and remediation. A qualified candidate should have a broad level of experience in multiple IT and Cyber Security domains, including awareness of current security risks, threats, targeted attack methods and TTPs. The candidate should have experience with technical investigations using contemporary SIEM and EDR technology.
This will be a remote/telecommute position that can be based from anywhere in the United States.
MAJOR TASKS AND RESPONSIBILITIES MAY INCLUDE:
* Develop tactics, techniques, and procedures to improve the characterization of malware
* Collaborate with members of the intel community to characterize adversarial nation-state behavior
* Improve processes for identifying domestic threats in cyberspace
* Engineer methods for tracking the development status of new capabilities
* Develop and maintain SIEM content and reporting
* Take part in projects as a subject matter expert and service owner
* Provide investigative support to the CSOC
* Manage and maintain playbooks and runbooks; make recommendations for improvements
* Analyze phishing emails submitted for review
* Monitor and analyze alerts from various sources in the incident queue
* Identify false positives and create appropriate exceptions
* Identify and analyze systems exhibiting suspicious or malicious behavior
* Collect and analyze volatile forensic data to confirm or rule out malicious or attacker activity
* Document and research malicious emails from phishing review and provide data for cleanup and email purge to the appropriate email teams.
* Create and edit granular email filter rules to catch current phishing/malware campaigns
* Document Indicators of Compromise (IOCs) in threat intelligence database
* Perform threat & malware analysis and research
* Perform containment during incident response
* Follow up and determine root cause of incidents
* Produce written reports to management after large scale incidents
* Provide recommendations post-incident to mitigate failed security controls
* Contribute to procedural methods and documentation
* Mentoring and knowledge sharing with local and global CSOC team members
Level specific responsibilities:
* Works under minimal supervision.
* Has system-wide responsibility on complex projects and components.
* Provides direction for projects.
* Solves medium to highly technical, complex problems on multiple projects, and provides consultative support to internal staff.
* Assists with the transfer of knowledge of technical skills.
* Project size could range from medium to high complexity.
* Viewed as a subject matter expert within the organization.
* Acts as a mentor to less senior IT staff.
KNOWLEDGE, SKILLS, ABILITIES, AND COMPETENCIES
* Excellent oral/written communication skills (in English).
* Strong analytical and problem-solving skills.
* Strong interpersonal and customer service skills
* Able to work well on a virtual team without close supervision
* Solid understanding of malware, static and dynamic analysis and removal (detecting, persistence mechanism, network communication, etc.)
* Basic understanding of email headers
* Familiar with general IT security best practices and controls
* Familiar with various infrastructure components, and how they interact
About AECOM
At AECOM, we believe infrastructure creates opportunity for everyone. Whether it's improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
We take on the most complex challenges and pioneer innovative, iconic solutions that push the limits of what's possible: the world's longest cable-stayed bridge, record-breaking sports events, the largest greenfield port development mega project, life-sustaining and disaster recovery programs, and the tallest tower in the Western Hemisphere.
On projects spanning transportation, buildings, water, governments, energy and the environment, we deliver professional services throughout the project lifecycle.
We are proud to be recognized for excellence:
* Fortune's World's Most Admired Companies 2014-2020
* #1 in Transportation and General Building in Engineering News-Record's 2019 Top 500 Design Firms and #1 2019 Top 200 Environmental Firms
* VIQTORY 2020 Military Friendly Gold Employer
* Perfect score on the Human Rights Campaign Foundation's Corporate Equality Index for 2017-2019
Minimum Requirements
* Bachelor's degree in Cyber Security, Computer Science or similar field plus 6 years of relevant information security / cyber security experience, or demonstrated equivalency of experience and/or education.
* Must be fluent in the English language
Preferred Qualifications
* Experience working with a global company and team
* Current security industry certifications preferred (GCFA, GCFE, GREM, GIAC, ISC2, EC-Council, etc.)
* Solid understanding of the Windows operating system, registry, security configurations, services, processes and WMI
* Experience with built-in OS shell commands and 3rd party command line tools
* Familiarity with Linux/Unix systems
* Experience with cloud computing
* Strong understanding of security and network event logs
* Experience with tools used for IP/host/binary research
* Strong scripting or application development skills preferred
* Experience with host-based forensics is preferred
* Experience on a SOC highly preferred
What We Offer
When you join AECOM, you become part of a company that is pioneering the future. Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world, but working to make amazing happen in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person's potential, and we'll help you reach yours.
Job Category Information Technology
Business Line Corporate
Business Group Corporate
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 246382BR
Additional Locations US - Atlanta, GA - 1360 Peachtree St NE, US - Boston, MA - One Federal St, US - Chicago, IL - 303 E Wacker Drive, US - Denver, CO - 7595 East Technology Way, US - Glen Allen, VA - 4840 Cox Road, US - Houston, TX - 19219 Katy Freeway, US - Los Angeles, CA - 300 S Grand Ave, US - New York, NY - 125 Broad Street
Virtual: Yes
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Los Angeles, CA
AECOM, together with its subsidiaries, engages in designing, building, financing, and operating infrastructure assets worldwide. It operates through four segments: Design and Consulting Services (DCS), Construction Services (CS), Management Services (MS), and AECOM Capital (ACAP). The DCS segment offers planning, consulting, architectural and engineering design, program management, and construction management services for industrial, commercial, institutional, and government clients, including the transportation, facilities, environmental, energy, and water markets. The CS segment provides building construction and energy, as well as infrastructure and industrial construction services. The MS segment offers program and facilities management and maintenance, training, logistics, consulting, technical assistance, and systems integration and information technology services primarily for agencies of the United States government and other national governments.
The ACAP segment invests in and develops real estate, public-private partnership, and infrastructure projects. The company was formerly known as AECOM Technology Corporation and changed its name to AECOM in January 2015. AECOM was founded in 1980 and is headquartered in Los Angeles, California.