Are you interested in Information Assurance and Computer Network Defense (IA/CND) or have you ever worked in or had aspirations to oversee Cyber Defense operations that includes Firewall, Virtual Private Network and Network Access Control Management? AECOM is looking for someone to employ Defense-in-Depth security strategies across an Enterprise-wide network.

The Information Assurance Engineer is responsible for maintaining the security, integrity and robustness of a portion of the DoD Global Information Grid (GIG). This includes the infrastructure associated with the GIG (routers and switches), the boundary protection devices (firewalls and proxy servers), intrusion detection devices, software antivirus and anti-spam services and core services within a Network Operations Security Center (NOSC).


Information Assurance Engineer will be part of a Network Operations Security (NOSC) team working with Vulnerability Assessment and Security Incident Response personnel with providing Information Assurance (IA) and Computer Network Defense (CND) security capabilities and direction. Performs management functions on devices such as Firewalls, Routers, Switches, VPN and NAC solutions to include network based Intrusion Detection, Intrusion Prevention Systems and Host base Intrusion Prevention Systems. Assists in the assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. On occasion, works with the IT work centers to develop risk response recommendations for the government client organization including avoidance, transference, acceptance or mitigation of security risks and vulnerabilities. The candidate should have experience in managing, configuring and sustaining an enterprise network environment of boundary and infrastructure equipment/capabilities. In addition, candidate must be able to perform network server builds, test their configuration and remotely manage their capabilities.

Candidate may be asked to manage and monitor the following capabilities:

Wireless Local Area Network

LAN/WAN Connectivity

Remote Access Controls

VoIP Security

Malicious Codes Control (Anti-Virus/Anti-Malware systems)

Intrusion Detection and Prevention

Media Control Practices

Physical and Environmental Security

Data Leakage Protection

Network Penetration Assessment Tools (e.g. CoreImpact)

Host Based Intrusion Prevents Systems

Forensic Application Suites (e.g. EnCase)


Candidate may be asked to produce, although not all inclusive, the following information as part of an assessment:

Both Executive and Technical summaries containing the findings and recommendations on how to improve technical deficiencies and potential DISA STIG or IAVA oversights

All work papers including network vulnerability scan results of locations

A network inventory summary listing all computing devices examined (Computing device configurations and installed software details)

A topology detailing WAN/LAN connectivity and critical networking components

Candidate may be responsible for, among other tasks, reviewing and coordinating the implementation of DoD policies and procedures concerning Information Assurance. Candidate will be actively involved in staying abreast of and informing the client of the current government directives, instructions, guidance or policies regarding or impacting Information Assurance.


Excellent communication and presentation skills required.



Active Secret security clearance (or ability to be granted an interim Secret clearance)

Security+ certification

Achievement of ITILv3 certification

2+ Years IT or Computer Network Defense (CND) enterprise network experience

Experience with Checkpoint, Sidewinder, PIX or similar firewalls

Experience with BlueCoat Proxy or Websense or internet access management system

Experience with Virtual Private Network solutions (Juniper)

Experience with Network Access Control (NAC)

Experience with Intrusion Prevention, Intrusion Detection, or Host Intrusion Prevention/Detection systems

Shift flexibility mandatory



CCNA, MCSE, MCITP or Certified Ethical Hacker (CEH) certification Experience with MS System Center Configuration Manager (SCCM) Familiarity with Vulnerability Life-Cycle Management (VLMS)

Host Based Security System (HBSS)

Scanning tools such as eEye Retina, Nessus, Accunetix

Forensic tool such as EnCase

Experience with ePolicy Orchestrator (HBSS)

Experience with Remedy Trouble Ticketing System for Incident tracking

Experience with Anti-Virus/Anti-Malware systems

Current TS/SCI security clearance


Please Apply to link below:


About Jay Perreault

Recruits for a full range of IT Services, which support every stage of the systems development lifecycle… SUMMARY Proven experience in leadership and operations within a corporate work environment, and foster internal growth for current employer of choice while improving individual chances for success. Proactive Recruiting Manager with more than 15 years of experience in training, managing and executing delivery for local and global organizations. Long record of achievement in the following industries: architecture, banking, corporate, commercial and most recently within the intelligence and information technology fields. KEY ATTRIBUTES • Talent Management • Cross Function Team Leadership • Succession Planning • Employee Relations • Work Force Planning • Career Counseling • Social Media Strategist • Project Planning • Enterprise Social Networking • Attrition Planning • P&L Budget Management • Retention