Manager, Federal Information Systems Safeguarding and Compliance

Arlington, VA, United States

Company Description

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of nearly 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

Job Description

AECOM is seeking a Temporary Manager, Federal Information Systems Safeguarding and Compliance. This role will serve as a member of the Federal Business Services team and will report to the Director of Federal Business Services Federal Information Safeguarding and Compliance. This position is temporary to cover work for a specific project and federal safeguarding compliance configurations. We anticipate this position will last for a period of 4 – 6 months. This will be a remote role and will be based out of Arlington, VA.

This role will be responsible for developing and supporting adherence to all aspects of a rigorous Secure Services compliance program as stipulated by DFARS, internal Cybersecurity Control Standards and associated NIST publications. This will include:

  • Assisting the Director regarding IT and information system security issues by implementing common information system security practices, policies and technologies.
  • Interfacing with multiple AECOM project teams and functional groups, providing support in developing proposals, responding to inquiries, defining and delivering Secure Services as needed, and providing direct support throughout the secure operation of federal projects.
  • Being proficient in DFARS and Contractor Program Security functions, responsibilities, and disciplines that make up a strong Federal Security Program.

Additionally, the ideal candidate will be a cyber security generalist and will be experienced in providing guidance to both technical and operations delivery teams across all aspects of information security, ensuring adherence to federal regulations and best practices which promote secure and reliable delivery of mission critical services within a global enterprise.

Roles and Responsibilities

  • Maintain operational security posture for programs and information systems
  • Information safeguarding interface to AECOM project teams
  • Participate in the system development lifecycle to ensure secure solutions are delivered
  • Ensure system security measures comply with applicable government policies
  • Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system
  • Ensure proper measures are taken when a federal information security incident or vulnerability is discovered
  • Assist IT in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems
  • Maintain a thorough understanding of NIST 800-171 controls and document their implementation in the Systems Security Plan
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security controls applied to a system are implemented and functional
  • Maintain awareness of upcoming customer / government driven changes and challenges and suggest approaches to meet those challenges
  • Ensure development and implementation of applicable Federal information security education, training, and awareness activities
  • Responsible for both the technical practice and operational management of one large or multiple small to medium sized offices/operating units with moderate complexity
  • Determines and executes the strategic direction of the office(s) to ensure financial profitability
  • Works in conjunction with the district and/or regional management to ensure financial success of the offices within the district or operating unit

Tasks and objectives:

  • Cloud services reduction - AWS
  • Onboard business teams, oversee the contractor provisioning SSD workspaces
  • Virtualize the SSD in Azure by working with project teams defining requirements, architecting and overseeing the delivery of assets, developing and updating project specific work instructions
  • Develop and document run books for virtualizing SSD applications
  • FY25 budgeting - roadmap
  • Peering with cleared facilities ISSM, develop cleared facilities run book.
  • Extend USA safeguarding knowledge to Canada
  • Information Security Oversight
  • Environment Security Initiatives
  • Environment Security Controls/Measures
  • Governance & Compliance Oversight
  • Regulatory Compliance Initiatives (NIST 800-171, CMMC II)
  • POA&M & Attestation Compliance
  • Engineering Oversight
  • Project Onboarding
  • Workload Support & Consumption
  • Operation & Maintenance Oversight
  • Azure GCC-High Support
  • Azure Networking Support
  • Azure Firewall Support
  • Azure Web Application Firewall Support
  • Azure Database Support
  • Azure Virtual Machines Support
  • SSD Helpdesk Oversight
  • Add ports document updates
  • Audit remediation
  • Mature and support FBS Artificial Intelligence, FAQ Bots, user self-service tools

Qualifications

Minimum Requirements:

  • Bachelor's degree in Information Systems/Technology or a related field + 8 years of experience securing enterprise networks and information systems according to industry frameworks (such as NIST 800-171) or a demonstrated equivalency of experience and/or education.
  • Understanding of RMF to include: NIST SP 800-171, NIST SP 800-53, DFARS Clause 252.204-7012 and/or FAR Clause 52.204-21
  • Expert technical & operational knowledge of cyber technologies such as SSO, MFA, Endpoint Protection, Encryption, DLP, Vulnerability Scanning, Firewalls, IDS/IPS, AWS
  • At least one relevant IT Security Certification (PMP, CISSP, SANS, CCSP, Security+, CISM, etc.)
  • Past federal Cyber Security experience
  • Due to nature of work, candidate must be a US Citizen

Preferred Qualifications:

  • Experienced at managing large-scale, enterprise-wide security projects
  • Familiar with secure coding and secure software development lifecycle processes
  • Previous experience designing and implementing a Secure Services Domain is a plus
  • Knowledge and experience with public cloud environments (Azure, AWS)
  • Knowledge of security methodologies, policies, standards and industry practices
  • Candidates with prior experience with AECOM Information Safeguarding and Compliance will be preferred
  • Ability to communicate technical matters in detail, in both written and verbal form, with subject matter expert engineers, and then pivot to business, financial, or user experience perspectives for executive and non-technical audiences
  • Ability to remain organized, pay attention to detail, and meet critical deadlines
  • Strong quantitative and analytical skills
  • Strong written, verbal, interpersonal and presentation skills with the ability to lead meetings and present to large groups of technical and business personnel
  • Ability to perform effectively in a team environment and independently with minimal direction; self-motivated employee
  • Highly self-motivated, with the ability to work on multiple activities in a fast-paced environment

Additional Information

  • This position does not include sponsorship for United States work authorization now or in the future
  • Relocation assistance and/or per diem is not offered for this position
  • All your information will be kept confidential according to EEO guidelines
  • Offered rate of compensation will be based on individual education, qualifications, experience, and work location. The salary range for this position is $141k - $155k annually. 
  • AECOM is proud to offer a comprehensive benefits program to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absence, voluntary benefits, perks, U.S. and global well-being programs, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.

About AECOM

AECOM is the world’s trusted infrastructure consulting firm, delivering professional services throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. On projects spanning transportation, buildings, water, new energy and the environment, our public- and private-sector clients trust us to solve their most complex challenges. Our teams are driven by a common purpose to deliver a better world through our unrivaled technical and digital expertise, a culture of equity, diversity and inclusion, and a commitment to environmental, social and governance priorities. AECOM is a Fortune 500 firm and its Professional Services business had revenue of $14.4 billion in fiscal year 2023. See how we are delivering sustainable legacies for generations to come at aecom.com and @AECOM.

 

Freedom to Grow in a World of Opportunity 

You will have the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too.

Join us, and you’ll get all the benefits of being a part of a global, publicly traded firm – access to industry-leading technology and thinking and transformational work with big impact and work flexibility. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.

Tags: Artificial Intelligence AWS Azure CCSP CISM CISSP Cloud CMMC Compliance DFARS Encryption Firewalls Governance IDS IPS Monitoring NIST NIST 800-53 POA&M RMF SANS SDLC SSO Vulnerabilities

Perks/benefits: Career development Equity Health care Insurance Relocation support Startup environment

Region: North America
Country: United States