AECOM is where women work

Job is no longer available

Security Monitoring and Incident Response Lead, EMEAI
St Albans, United Kingdom

AECOM is a premier, fully integrated professional and technical services firm positioned to design, build, finance and operate infrastructure assets around the world for public- and private-sector clients. With nearly 100,000 employees — including architects, engineers, designers, planners, scientists and management and construction services professionals — serving clients in over 150 countries around the world, AECOM is ranked as the #1 engineering design firm by revenue in Engineering News-Record magazine’s annual industry rankings, and has been recognized by Fortune magazine as a World’s Most Admired Company. AECOM provides a blend of global reach, local knowledge, innovation and technical excellence in delivering customized and creative solutions that meet the needs of clients’ projects. A Fortune 500 firm, AECOM companies, including URS Corporation and Hunt Construction Group, have annual revenue of approximately $19 billion.

About the Business Line Construction Services
Our talented experts are dedicated to managing the complexity inherent in construction projects, catering to each client’s unique needs. We provide services such as program management, construction management and owner’s representation to our clients around the globe.

Job Summary
We are seeking an individual to lead the SOC functions which include Incident Response and monitoring in the EMEAI region and oversee the APAC region, within a Fortune 500 company with nearly 100,000 employees worldwide. He/she will serve as a critical member of a global Security Operations Center (SOC) and will play a key part in lifting the SOC to a world class level.

A qualified candidate is a seasoned professional with a broad level of experience in multiple areas of IT and a strong emphasis on Information Security. This includes awareness of current security risks, threats and targeted attack methods. This individual will be a human sensor for the global monitoring and response team as part of a “follow the sun” model and will be responsible for partnering with members of IT in the EMEAI and APAC regions for incident containment and remediation.

Expand the global SOC team as the SOC lead for the EMEAI and APAC regions.
Accept responsibility for ongoing incidents handed off from the previous shift.
Communicate status of new and ongoing incidents that are handed off to the following shift.
Monitor and analyze alerts from various sources in the SOC queue.
Identify false positive alerts and work with SIEM to quiet noisy alerts.
Identify systems exhibiting suspicious or malicious behavior.
Collect and analyze volatile forensic data to confirm or rule out malicious and/or attacker activity.
Document Indicators of Compromise (IOCs) in threat intelligence database.
Perform malware analysis and research.
Incident containment.
Follow up and determine root cause of incidents.
Produce written reports to management after large scale incidents.
Develop Corrective Action Plans (CAPs) to recover from incidents.
Contribute to procedural methods and documentation.
Mentoring and knowledge sharing with local and global SOC teams.
All other reasonable job tasks as determined by the Director of the SOC.

Minimum Requirements
Must be fluent in the English language
Excellent oral/written communication skills (in English) are mandatory
Able to pass a thorough background check
Bachelor’s Degree with concentration in Computer Science or equivalent experience
Current security industry certifications preferred (GIAC, ISC2, EC-Council, etc.)
Strong analytical and problem solving skills
General IT security best practices knowledge that include Firewalls, Server Hardening, Web Content Filtering, Vulnerability Scanning, and Endpoint Protection (antivirus, disk encryption, host intrusion prevention, etc.)
Experience with packet capture and analysis preferred (Security Onion, Wireshark, and other tools)
Solid understanding of Windows operating system, registry, security configurations, services, processes and WMI
Familiarity with Linux/Unix systems
Strong scripting or application development skills preferred
Global experience
Able to work well on a virtual team without close supervision
Strong understanding of security and network event logs
Strong interpersonal and customer service skills
Experience with common open source forensic tools
Basic understanding of email headers
Experience with tools for ip/host/binary research

Preferred Qualifications
Advanced degree an advantage

What We Offer
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.
