Cyber Security Project Manager

Glen Allen, VA, United States

Company Description

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of nearly 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

Job Description

AECOM is seeking a client-facing Cyber Security Project Manager based out of our Glen Allen, VA office to support current Energy Utility cybersecurity implementation program and our growing Security & Communications Technology Group within the US East region. 

The ideal candidate will interface with the client daily, manage technical work, direct field staff, and oversee reporting for a variety of client locations primarily in Virginia.  As we align to the global strategy, overall regional growth strategy and focus on key clients in the region, this role will improve the contributions of the security and communications technology services team for the region.

The Cyber Security Project Manager will have the opportunity to support multiple projects across multiple business lines and will be afforded exposure to high profile projects sites throughout the AECOM Digital Technology client base.  

The job responsibilities of this position will include, but are not limited to:

  • Primary responsibility for implementing cyber security standards for a large energy utility with multiple generation assets including coal, gas, biomass, solar, and hydroelectric facilities.
  • Direct a team of system engineers and other domain experts in variety of cybersecurity roles including assessment, engineering/design, implementation, verification, compliance oversight, and research.
  • Work with internal and external engineering teams to build cybersecurity awareness and understanding, technical protocols and procedures for efficient and accurate project execution.
  • Engage in ongoing learning and information sharing efforts with other cybersecurity personnel at AECOM to grow the team’s knowledge base and capabilities.
  • Support technical project work in other areas of digital technology as needed.
  • Analyze Windows-based systems, networks, and interfaces for compliance with generalized standards and re-configure as required to meet cybersecurity requirements
  • Validate external logical and physical connections
  • Map on-site topology and validate that engineering drawings match actual implementation of hardware and software
  • Create hardware and software inventories
  • Identify non-essential and vulnerable software
  • Verify that logging capabilities are active and working; activate capabilities as required
  • Identify remote access tools and configurations
  • Review software and equipment for lifecycle management parameters; develop temporary mitigation and upgrade plans as required
  • Verify malware prevention presence and configuration
  • Apply patches and upgrades as required (to OS, software, firmware) in ICS environments and coordinate with engineering staff and supervisors to ensure processes are not disturbed or disturbances are planned/minimized
  • Credential management analysis (e.g. checking for password strength across systems and change frequency policies/records). Document findings and activities performed thoroughly per specific client and facility needs.
  • Manages projects and personnel. 
  • Oversees the administration and maintenance of the company’s infrastructure and directs, leads and manages as necessary. 
  • Works with diverse business groups and customers to implement strategic objectives for the IT organization.  
  • Plans and implements improvements in all areas of IT responsibility.  
  • Mentors and encourages development of junior level employees to take responsibility for their development within the company.  
  • Reports to an Sr. IT Manager.

Qualifications

MINIMUM REQUIREMENTS:

  • BA/BS + 8 years of related experience or demonstrated equivalency of experience and/or education
  • Valid U.S Driver’s License and as a condition of employment, must pass AECOM’s Motor Vehicle Records Review
  • Due to the nature of work, U.S. Citizenship is required for this position.
  • Ability to travel on a weekly basis within Virginia and the continental US up to 75%
  • As a condition of employment, candidates must pass a drug screening.

PREFERRED QUALIFICATIONS:

  • Bachelor’s or Master's Degree in Information Technology, Security, or related field from ABET accredited college or university
  • 9+ years of relevant experience in networks and cybersecurity related configuration elements & hardware     
  • Possess intermediate degree of technical skill in both Windows and Linux operating environments, with a strong ability to research and identify ways to accomplish required tasks
  • Strong understanding of networks and cybersecurity related configuration elements / hardware, Ability to understand, modify and apply basic scripts
  • Strong desire to continue learning and practicing/developing technical, hands-on skills. Familiarity with industry cybersecurity standards and best practices (e.g., NIST 800 series). Reliable with a high sense of confidentiality regarding the data and understands business limiters to ensure high value return
  • Cybersecurity community involvement (e.g. a portfolio of programming/scripting projects, cybersecurity related write-ups, blog posts / articles, public presentation videos or guides, etc.)
  • Operating Systems: MS Windows, MacOS, Kali Linux, Ubuntu. Industrial Control System Cybersecurity Certifications (CSSA, GICSP, GCIP, or GRID). Experience in industrial and power generation settings with industrial control systems is very beneficial in this role. Current cyber security implementation program requires the ability to direct and oversee staff performing all the following tasks with minimal guidance 
  • Direct experience with, or working knowledge of: Security Information and Event Management (SIEM), Open-Source Intelligence (OSINT), NMap network scan, Network packet analysis, Reverse Engineering (Ghidra), Web vulnerability scanning, Utility and power generation, Operational Technology (OT), Both IT and OT networking equipment, Industrial Control Systems (ICS), Distributive Control Systems (DCS), Programmable Logic Controllers (PLCs), Instrumentation and Control Engineering (ICE), Supervisory Control and Data Acquisition (SCADA), North American Electric Reliability Corporation - Critical Infrastructure Protection (NERC-CIP)

Additional Information

  • Sponsorship is not available for this position.
  • Relocation is not available for this position.
  • All your information will be kept confidential according to EEO guidelines.

#LI-SG1

About AECOM

AECOM is proud to offer a comprehensive benefits program to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, U.S and global well-being programs, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.

AECOM is the world’s trusted infrastructure consulting firm, delivering professional services throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. On projects spanning transportation, buildings, water, new energy and the environment, our public- and private-sector clients trust us to solve their most complex challenges. Our teams are driven by a common purpose to deliver a better world through our unrivaled technical and digital expertise, a culture of equity, diversity and inclusion, and a commitment to environmental, social and governance priorities. AECOM is a Fortune 500 firm and its Professional Services business had revenue of $14.4 billion in fiscal year 2023. See how we are delivering sustainable legacies for generations to come at aecom.com and @AECOM.

 

Freedom to Grow in a World of Opportunity 

You will have the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too.

Join us, and you’ll get all the benefits of being a part of a global, publicly traded firm – access to industry-leading technology and thinking and transformational work with big impact and work flexibility. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

All your information will be kept confidential according to EEO guidelines.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Compliance CSSA Driver’s license Ghidra GICSP Governance ICS Industrial Kali Linux MacOS Malware NIST Nmap OSINT Reverse engineering SCADA Scripting SIEM Strategy Travel Ubuntu Windows

Perks/benefits: Career development Equity Health care Insurance Relocation support Startup environment

Region: North America
Country: United States
Job stats:  9  1  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.