AECOM Senior Analyst, Cyber Security (Globally Remote) in Shatin, United States
Australia - Queensland, Fortitude Valley
AECOM is seeking a Security Analyst for our Global Cyber Security Operations Centre (CSOC). The work location for this position is global and remote with specific requirements to cover the UTC +10 or +11 time zone hours covering the APAC region.
This role will be an integral part of a high performing team providing triage and response services as part of a “follow the sun” model. He/she will be responsible for partnering with members of IT in APAC and other global regions for incident containment and remediation.
Periodically, the analyst will also be expected to liaise with the organization’s IT and security leadership in support of security or business project(s) with security implications. These projects typically target expansion or improvements to CSOC capabilities or new AECOM business development.
The ideal candidate for this role is a seasoned professional with a broad level of experience in multiple areas of IT and a strong emphasis on Cyber Security. This includes awareness of current security risks, threats and targeted attack methods, techniques and tactics. In addition, we are seeking someone who has experience with technical investigations using contemporary event correlation and endpoint investigation technology. Finally, the candidate should possess strong analytical skills and have an inherent passion for seeking knowledge, sharing knowledge and continuous process improvement.
MAJOR TASKS AND RESPONSIBILITIES MAY INCLUDE:
Create strong relationships with IT leaders in the APAC region to become a trusted partner in the realm of incident response.
Accept responsibility for ongoing incidents handed off from the previous shift.
Communicate status of new and ongoing incidents that are handed off to the following shift.
Manage and maintain playbooks and runbooks, both manual and automated; make recommendations for improvements.
Analyze phishing emails submitted for review.
Monitor and analyze alerts from various sources in the incident queue.
Identify false positive alerts and create appropriate exceptions to quiet noisy alerts.
Identify and analyze systems exhibiting suspicious or malicious behavior.
Collect and analyze volatile forensic data to confirm or rule out malicious or attacker activity.
Document and research malicious emails from phishing review and provide data for cleanup and email purge to the appropriate email teams.
Create and edit granular email filter rules to catch current phishing/malware campaigns.
Document Indicators of Compromise (IOCs) in threat intelligence database.
Perform threat & malware analysis and research.
Perform containment during incident response.
Follow up and determine root cause of incidents.
Produce written reports to management after large scale incidents.
Provide recommendations post-incident to mitigate failed security controls.
Contribute to procedural methods and documentation.
Mentor and share knowledge with local and global CSOC team members.
At AECOM, we believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
We take on the most complex challenges and pioneer innovative, iconic solutions that push the limits of what’s possible – the world’s longest cable-stayed bridge, record-breaking sports events, the largest greenfield port development mega project, life-sustaining and disaster recovery programs, and the tallest tower in the Western Hemisphere.
On projects spanning transportation, buildings, water, governments, energy and the environment, we deliver professional services throughout the project lifecycle.
We are proud to be recognized for excellence:
Fortune’s World’s Most Admired Companies – 2014-2020
#1 in Transportation and General Building in Engineering News-Record's 2019 “Top 500 Design Firms” and #1 2019 “Top 200 Environmental Firms”
VIQTORY 2020 Military Friendly® Gold Employer
Perfect score on the Human Rights Campaign Foundation's Corporate Equality Index for 2017-2019
Bachelor's degree in Cyber Security, Computer Science, or similar and 4+ years of relevant experience or demonstrated equivalency of experience and/or education.
Must be able to work during UTC +10 or +11 time zone hours and one on-call weekend every 2 months.
Fluency in the English language.
Excellent oral/written communication skills (in English) are.
Experience working with a global company and team.
Ability to pass a thorough background check.
Current security industry certifications preferred (GIAC, ISC2, EC-Council, etc.).
Strong analytical and problem-solving skills.
Strong interpersonal and customer service skills.
Able to work well on a virtual team without close supervision.
Solid understanding of the Windows operating system, registry, security configurations, services, processes and WMI.
Experience with built-in OS shell commands and 3rd party command line tools.
Familiar with general IT security best practices and controls.
Familiarity with Linux/Unix systems.
Familiar with various infrastructure components, and how they interact.
Experience with cloud computing.
Relocation is not available for this position
Sponsorship is not available for this position
What We Offer
When you join AECOM, you become part of a company that is pioneering the future. Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world, but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category: Information Technology
Business Line: Corporate
Business Group: Corporate
Position Status: Full-Time
Requisition/Vacancy No.: 241493BR
Additional Locations: AU - Melbourne, VIC - Collins Square; CA - Markham, ON - 105 Commerce Valley Dr W; HK - Shatin, N.T.; SG - The Concourse; UK - London; US - Houston, TX - 19219 Katy Freeway; US - Los Angeles, CA - 1999 Avenue of the Stars
Clearance Required: No
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.