AECOM Technology Corporation
United Kingdom – London, London – UK
AECOM IT Global Information Security Organization is seeking a security operations analyst who has a background and experience in network security strategy and solutions to become a member of our Global Cyber Security Operations Centre (CSOC). This is a globally remote position that will cover business during UTC+1 offset hours.
This candidate will be an integral part of a high performing team providing triage and response services as part of a “follow the sun” model. He/she will be responsible for partnering with members of IT in multiple global regions for alert analysis, incident containment and remediation.
A qualified candidate is a seasoned professional with a broad level of experience in multiple areas of IT and a strong emphasis on network security strategy and solutions. This includes awareness of current security risks, threats and targeted attack methods, techniques and tactics. The candidate should have experience with technical investigations using contemporary event correlation and endpoint investigation technology.
Periodically the analyst will also be expected to liaise with the organization’s IT and security leadership in support of security OR business project(s) with security implications. At times this may include developing and maintaining vendor relationships. These projects typically target expansion or improvements to CSOC capabilities or new AECOM business development.
The candidate should also possess strong analytical skills and have an inherent drive for seeking knowledge, sharing knowledge and continuous process improvement.
MAJOR TASKS AND RESPONSIBILITIES MAY INCLUDE:
- Research, analyze and present options to evolve our suite of network security controls as well as integrations both upstream and downstream
- Develop and maintain a network security roadmap
- Identify and research network security improvement opportunities though interaction with IT operations, vendors and leading practices
- Work alongside network operations teams to gain alignment for necessary changes
- Create and edit granular network firewall/security filters & rules to reduce our attack surface and potential for breach
- Take part in projects as a subject matter expert and service owner
- Provide investigative support to the CSOC
- Manage and maintain playbooks and runbooks, both manual and automated; make recommendations for improvements
- Monitor and analyze alerts various sources in the incident queue
- Identify false positive alerts and create appropriate exceptions to quiet noisy alerts
- Identify and analyze systems exhibiting suspicious or malicious behavior
- Collect and analyze volatile forensic data to confirm or rule out malicious or attacker activity
- Document Indicators of Compromise (IOCs) in threat intelligence database
- Perform threat & malware analysis and research
- Perform containment during incident response
- Follow up and determine root cause of incidents
- Produce written reports to management after large scale incidents
- Provide recommendations post-incident to mitigate failed security controls
- Contribute to procedural methods and documentation
- Mentoring and knowledge sharing with local and global CSOC team members
At AECOM, we believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
We take on the most complex challenges and pioneer innovative, iconic solutions that push the limits of what’s possible – the world’s longest cable-stayed bridge, record-breaking sports events, the largest greenfield port development mega project, life-sustaining and disaster recovery programs, and the tallest tower in the Western Hemisphere.
On projects spanning transportation, buildings, water, governments, energy and the environment, we deliver professional services throughout the project lifecycle.
We are proud to be recognized for excellence:
- Fortune’s World’s Most Admired Companies – 2014-2020
- #1 in Transportation and General Building in Engineering-News Record’s 2019 “Top 500 Design Firms” and #1 2019 “Top 200 Environmental Firms”
- VIQTORY 2020 Military Friendly® Gold Employer
- Perfect score on the Human Rights Campaign Foundation’s Corporate Equality Index for 2017-2019
- Bachelor degree in Cyber Security, Information Technology, Computer Science, or similar
- 6+ years of relevant experience in network security or demonstrated equivalency of experience and/or education
- Must be able to work EMEA business hours (UTC+1) and one on-call weekend every 2 months
- Proficient with DNS, routing protocols, network alerting use cases and Active Directory
- Hands on experience with virtualized, cloud and SaaS based firewalls and related network security platforms
- Experience with network security products and an understanding of the associated protocols, logs and configurations. This includes, but is not limited to VPN, load balancers, routers, next gen firewalls and IDS and IPS technology
- Must be fluent in the English language
- Excellent oral/written communication skills (in English)
- Experience working with a global company and team
- Able to pass a thorough background check
- Current security industry certifications preferred (GIAC, ISC2, EC-Council, etc)
- Strong analytical and problem-solving skills.
- Strong interpersonal and customer service skills
- Able to work well on a virtual team without close supervision
- Solid understanding of the Windows operating system, registry, security configurations, services, processes and WMI
- Experience with built-in OS shell commands and 3rd party command line tools
- Familiar with general IT security best practices and controls
- Familiarity with Linux/Unix systems
- Familiar with various infrastructure components, and how they interact
- Strong understanding of security and network event logs
- Basic understanding of email headers
- Experience with tools used for IP/host/binary research
- Solid understanding of malware, static and dynamic analysis and removal (detecting, persistence mechanism, network communication, etc)
- Strong scripting or application development skills preferred
- Experience with host-based forensics is preferred
- Experience on a SOC highly preferred
- Relocation is not available for this position
- Sponsorship is not available for this position
What We Offer
When you join AECOM, you become part of a company that is pioneering the future. Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world, but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Information Technology
Business Line Corporate
Business Group Corporate
Country United Kingdom
Position Status Full-Time
Requisition/Vacancy No. 242775BR
Additional Locations AU – Melbourne, VIC – Collins Square, CA – Markham, ON – 105 Commerce Valley Dr W, HK – Shatin, N.T., PH – Taguig City, 14th Floor, Bonifacio Stopover Corp., SG – The Concourse, US – Houston, TX – 19219 Katy Freeway, US – Los Angeles, CA – 1999 Avenue of the Stars
Clearance Required No
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.