Requisition/Vacancy No\. 117684BR
**Position Title** Network Defender
**Job Category** Information Technology
**Business Line** Government
**Office Region** USA \- West
**Office Location** US \- Colorado Springs, CO
**Why Choose AECOM?** AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public\- and private\-sector clients\. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the \#1 engineering design firm by revenue in _Engineering News\-Record_ magazine’s annual industry rankings, and has been recognized by _Fortune_ magazine as a World’s Most Admired Company\. The firm is a leader in all of the key markets that it serves, including transportation, facilities, environmental, energy, oil and gas, water, high\-rise buildings and government\. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects\. A _Fortune 500_ firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion\. More information on AECOM and its services can be found at www\.aecom\.com\.
**About the Business Line** **Government**
AECOM’s Global Support Services \(GSS\) organization resides within AECOM’s Government business line and is comprised of three divisions — International Development, Operations and Mission Support, and Global Programs\. GSS has the international presence, personnel networks and procurement infrastructure to deliver support for any mission, anywhere\. We optimize the reliability, availability and sustainability of equipment, logistics systems and facilities for clients around the world\. GSS supports the U\.S\. Government, non\-U\.S\. Governments and industry clients with worldwide program management, planning, design, operations and maintenance, logistics, aviation services, security, international development, environmental and civil engineering and mission and intelligence support\.
**Job Summary** Network Defenders maintain a vigilant watch over external and internal data traffic for over 50\+ US Air Force Base’s and installations supporting the 561st Network Operation Squadron \(NOS\) in a 24/7 environment\. Services provided include: overseeing and directing incident response actions to investigating nefarious network activity, researching and making recommendations for effective mitigation of external threats, to include the utilization of Boundary Protection devices and to advise on the utilization of tools and procedures in order to sustain information security, integrity, and availability\.
+ Monitor, detect, and respond to network events and provide internal/external IT threat analysis affecting the operational availability of the AFIN
+ Identify and verbally report suspicious activity
+ Create and present written threat analysis reports
+ Perform trend analysis of traffic to identify “low\-and\-slow” attacks/scans of the enterprise, and recommend appropriate mitigating options
+ Detect and report host\-to\-host/peer\-to\-peer malicious internal network traffic
+ Terminate network sessions suspected of generating malicious network activity
+ Review, validate and report daily new technologies and tactics which threaten the AFIN
+ Monitor the AFIN in real\-time and identify suspicious activity and immediately report with recommendations/options to mitigate the suspicious activity
+ Coordinate with Air Force Computer Emergency Response Team \(AFCERT\) and affected base IA personnel to block any intruding IP addresses when the authenticity and authorization of a given network connection is not positively established
+ Coordinate with the AFCERT Incident Response Team \(IRT\) and Air Force Office of Special Investigations \(OSI\) personnel when required
Shift Hours:
3:30 PM \- 11:30 PM
**Minimum Requirements** Mandatory Qualifications:
+ Current Secret Security Clearance
+ Current Security \+ certification
+ ITIL Foundation certification
Experience:
+ Analyzing Firewall logs \(Sidewinder, CISCO PIX\), Proxy logs \(Blue Coat\) and Windows Event and Security logs
+ Knowledge of Network Topologies and devices
**Preferred Qualifications**
+ McAfee Host Based Security System \(HBSS\)
+ ArcSight, Splunk, Wireshark or SNORT
+ Network or Host Based IDS \(NIDS/HIDS\)
+ Active Directory
+ Remedy for Incident tracking
+ Experience with US Air Force Network environments
+ Certification or training in Information Security
+ 3\-5 Years experience as Systems Administrator in an Enterprise Environment
**What We Offer** AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people\. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide\. It's a place that values the diversity of our areas of practice and our people\. It's what makes AECOM a great place to work and grow\.
AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply\. For further information, please click here to view the EEO Is The Law poster\.
↧