United States of America - Virginia, Norfolk
Position is advertised for Norfolk, but could be at any of the below locations: Norfolk, Virginia Beach (VA), Fallon (NV), Yuma (AZ), Havelock (NC), Jacksonville (FL):
Purpose and Scope:
Reporting to the CTTR Cybersecurity Assessment/Authorization Lead, performs in the Assessment & Authorization (A&A) Liaison/Analyst role to ensure assigned Department of Navy/DoD systems/Enclaves/Networks have the proper Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. This position is a member of a team developing recommended courses of action needed to transition current policies and procedures to the Risk Management Framework (RMF) approved processes.
Advise and assist associated organization POCs in their efforts to prepare and submit ATO and ATC packages to their respective approval authorities.
Identify network devices and equipment that have not been properly updated to minimize the potential for unauthorized intrusions and malicious software.
Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
Provide enterprise wide A&A support to the site ISSO's, ISSM, & CS Managers for the continual accreditation for all organizational, networks and applications.
Establish comprehensive process for assessment and evaluation of information system policies, technical / non-technical security components, documentation, supplemental safeguards, policies, and vulnerabilities as it pertains to accreditation.
Supports the Information Security Continuous Monitoring (ISCM), (NIST SP 800-137) which maintains the ongoing awareness of information security, vulnerabilities, and threats to an information system as it pertains to system accreditation.
Perform all other position related duties as assigned or requested.
Minimum Position Knowledge, Skills, and Abilities Required:
BA/BS in Information Systems Management, Computer Science or related discipline plus 2 years of experience. In lieu of formal education, at least 5 years of related experience.
Three (3) years' experience in the A&A functional area defining or evaluating computer security requirements for applications or networks. Experience developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. Must have CompTIA Security+. Possess and maintain an active DoD Secret security clearance. Possess a valid state issued driver's license.
Familiarity with Qualified Navy Validator functions
OS Certification/Approved Training completed within 180 days of hire
Experience with creation and/or management of RMF Packages
Experience with Accreditation package management in eMASS (or similar i.e. XACTA)
Possession of excellent customer service and organization skills
Possession of excellent oral and written communication skills
Possession of excellent time-management skills
Detail-oriented, team player, self-starter/ability to complete tasks with minimal supervision
What We Offer
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide.
It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow. AECOM is an Equal Opportunity Employer.
At AECOM, employee's safety and security are our top Safeguarding core value. All employees are expected to set the highest level of safety expectation in their work, display the highest level of safe behavior, and actively participate in AECOM's Safety For Life Program. SH&E is a part of our company culture and participation is required for all employees.
NOTICE TO THIRD PARTY AGENCIES: Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies.
In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.
Job Category Information Technology
Business Line Government
Business Group Management Services Group (MS)
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 197147BR
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Aecom Technology Corporation