Job Description

Company Description

At AECOM, we\'re delivering a better world.

We believe infrastructure creates opportunity for everyone. Whether it\'s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.

Our clients trust us to bring together the best people, ideas, technical expertise and digital solutions to our work in transportation, buildings, water, the environment and new energy. We\'re one global team - 47,000 strong - driven by a common purpose to deliver a better world.

Here, you will have freedom to grow in a world of opportunity.

We will give you the flexibility you need to do your best work with hybrid work options. Whether you\'re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion - a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

We will encourage you to grow and develop your career with us through our technical and professional development programs and diverse career opportunities. We believe in leadership at all levels. No matter where you sit in the organization you can make a lasting impact on the projects you work on, the teams and committees you join and our business.

We offer competitive pay and benefits, well-being programs to support you and your family, and the development resources you need to advance your career.

When you join us, you will connect and collaborate with a global network of experts - planners, designers, engineers, scientists, consultants, program and construction managers - leading the change toward a more sustainable and equitable future. Join us and let\'s get started.



Cyber Governance:

- Assist in maintaining cybersecurity governance frameworks, policies, and standards.

- Execute and follow/track tasks in a GRC (Governance, Risk & Compliance) platform.

- Ensure alignment of cybersecurity strategies with business objectives, regulatory requirements, and industry best practices.

- Establish and maintain effective communication channels with stakeholders to promote cybersecurity governance

awareness and compliance.

Policy Lifecycle Management:

- Assist with executing end-to-end policy lifecycle management process, including policy development, review, approval, and

dissemination

- Collaborate with cross-functional teams to identify policy needs, review existing policies, and ensure policy effectiveness

and adherence

- Monitor regulatory changes and industry trends to keep policies up-to-date and aligned with emerging cybersecurity risks

and standards

General Risk Management:

- Conduct risk assessment exercises to identify and prioritize cyber risks.

- Work with key stakeholders such as Enterprise Risk Management, IT Infrastructure & Operations, Internal Audit, Legal, HR,

and Supply Chain groups to communicate and manage Cybersecurity requirements and provide guidance around

remediation or risk acceptance.

- Provide guidance to IT, Business, and Functional teams on controls/security/risk management/compliance issues; ensure

that project plans/technology initiatives are compliant with the support of a team lead or senior members of the team.

- Communicate and execute risk mitigation strategies and action plans, working closely with relevant teams to implement

controls and countermeasures.

- Monitor and report on key risk indicators, track risk treatment plans, and provide recommendations for risk reduction and

mitigation.

Cybersecurity Exceptions Management:

- Assist with the process of handling cybersecurity exceptions and deviations from established policies or controls.

- Evaluate exception requests, conduct risk assessments, and provide guidance on risk acceptance or mitigation measures

with the support of a team lead or senior members of the team.

- Ensure exceptions are properly documented, tracked, and reported to relevant stakeholders.

Qualifications

Minimum Requirements:

- Bachelor\'s degree in Cybersecurity, Information Technology, Risk Management, or other relevant courses

- At least 3 to 4 years of relevant experience in cyber governance, policy lifecycle management, general risk management,

and cybersecurity exceptions management

- Understanding and knowledge of cybersecurity frameworks (e.g., NIST Cybersecurity Framework, ISO 27001),

cybersecurity controls, technologies, industry standards, and best practices

- Familiarity with regulatory requirements and best practices in cybersecurity and privacy (e.g., GDPR, PCI-DSS, HIPAA)

- Understanding and knowledge around conducting risk assessments, threat modeling, and vulnerability assessments.

- Relevant certifications such as CISSP, CISA, CRISC, or similar are desirable.

Attributes:

- Ability to effectively communicate and collaborate within a specific group of internal and external customers.

(Communication)

- Ability to maintain good customer relationship with the ability to proactively support customer needs and requirements.

(Customer Service)

- Ability to be thorough and meticulous in completing assigned tasks and identifying errors, duplicates, & discrepancies

through defined methods. (Attention to Detail)

- Ability to identify, assess, and resolve simple to moderate issues by following defined policies and procedures. (Problem Solving)

Additional Information

Additional information

With infrastructure investment accelerating worldwide, our services are in great demand, and there\'s never been a better time to be at AECOM! Join us, and you\'ll get all the benefits of being a part of a global, publicly traded firm - access to industry-leading technology and thinking and transformational work with big impact and work flexibility.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We\'re the world\'s trusted global infrastructure firm, and we\'re in this together - your growth and success are ours too.

As an Equal Opportunity Employer, we believe in each person\'s potential, and we\'ll help you reach yours.

Join us and let\'s get started.

All your information will be kept confidential according to EEO guidelines.

About AECOM

AECOM is the world\'s trusted infrastructure consulting firm, delivering professional services throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. On projects spanning transportation, buildings, water, new energy and the environment, our public- and private-sector clients trust us to solve their most complex challenges. Our teams are driven by a common purpose to deliver a better world through our unrivaled technical and digital expertise, a culture of equity, diversity and inclusion, and a commitment to environmental, social and governance priorities. AECOM is a Fortune 500 firm and its Professional Services business had revenue of $13.1 billion in fiscal year 2022. See how we are delivering sustainable legacies for generations to come at aecom.com and @AECOM.

Freedom to Grow in a World of Opportunity

You will have the flexibility you need to do your best work with hybrid work options. Whether you\'re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion - a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We\'re the world\'s trusted global infrastructure firm, and we\'re in this together - your growth and success are ours too.

Join us, and you\'ll get all the benefits of being a part of a global, publicly traded firm - access to industry-leading technology and thinking and transformational work with big impact and work flexibility. As an Equal Opportunity Employer, we believe in each person\'s potential, and we\'ll help you reach yours.

All your information will be kept confidential according to EEO guidelines.

AECOM