Director, Cyber Security Operations & Incident Response

Reqid: 260117BR

Job Category: Information Technology

Business Line: Corporate

Business Group: Corporate

Virtual: Yes

Job Summary

AECOM is seeking a Director, Cyber Security Operations & Incident Response. This position will lead the day-to-day operations and continued evolution of the organization’s Cyber Incident Response program and Global Cyber Security Operations Center. The Leader is expected to be a subject matter expert in cyber forensics, industry best practices and incident response process. The Director will have overall accountability for a timely and appropriate response to security threats and incidents. This will be a remote/virtual position that can be based from a variety of locations in the US, not limited to those listed.

The responsibilities of this role are:

  • Lead, manage and mature the people, process, and technologies present in a 24×7 global security operations center.
  • Collaborate with stakeholders such as Crisis Management and Business Continuity to support larger security initiatives, assessments, and resilience testing.
  • Develop and direct the Enterprise Incident Response Program ensuring continuous maturity.
  • Define and maintain dashboards and metrics that support Incident Response Program and Cyber Security Operations Center maturity efforts.
  • Provide cyber security briefings, status updates, and consultancy to various audiences, including technical and executive leadership teams.
  • Leverage the incident response program to conduct cyber table-top simulations and educational sessions with stakeholders.
  • Provide leadership for incident response investigations, coordinate response activity and brief senior leaders while maintaining confidentiality.

Skills and Abilities

Management and Leadership:

  • Unwavering focus and crisis management skills and the ability to manage relationships and communication channels.
  • Exceptional written and verbal presentation skills – able to articulate complex technical issues concisely to both technical personnel and executive-level management.
  • Exceptional leadership skills, able to lead, manage and grow a global cyber security operations center and incident response program.
  • Advanced critical thinking and decision-making ability, able to explain and defend a complex decision point.
  • Demonstrated ability to communicate complex subjects regarding strategic and tactical incident response processes to stakeholders of varying technical levels.
  • Highly motivated and self-sufficient, able to operate autonomously within the scope of the role.


  • In depth experience leading security incident response processes in the cloud, virtualized, and on-prem environments.
  • Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents.
  • Develop and present accurate and timely information to stakeholders outlining proper technical solutions, recommendations, and accurate conclusions.
  • Proven skills in various elements of incident response, including but not limited to computer intrusion investigations and digital forensics in enterprise environments.
  • Understanding current and emerging threats and associated countermeasures by establishing solid relationships with cyber threat teams and vendors. This includes directing a team on managing, maintaining, and increasing visibility into the organization and applying threat intelligence to proactively mitigate risk.

Minimum Requirements

  • BA/BS plus at least 12 years of experience or demonstrated equivalency of experience and/or education, including 4 years of leadership.
  • Experience influencing key stakeholders to resolve high-impact security incidents.
  • Ability to work independently on multiple projects with minimal supervision and meet aggressive deadlines is essential.
  • Experience with the tools and techniques used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
  • Strong understanding of advanced persistent threats, attacker methodologies, attack lifecycle, cyber kill chain, diamond modeling and the MITRE framework.

Preferred Qualifications

  • Advanced certification in cyber security a plus (CISSP, GCIH, GCFE, GCIA, CISM or similar).
  • Experience within a highly regulated industry (banking, finance, investments, etc.).
  • Current security clearance preferred.

Additional Information:

  • Sponsorship for US work authorization is not available for this position.

At AECOM, we’re delivering a better world.

We believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.

Our clients trust us to bring together the best people, ideas, technical expertise and digital solutions to our work in transportation, buildings, water, the environment and new energy. We’re one global team – 47,000 strong – driven by a common purpose to deliver a better world.

Offered rate of compensation will be based on individual education, qualifications, experience, and work location. The midpoint of the salary range is $195,410 annually.

AECOM is proud to offer a comprehensive benefits program to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D and disability benefits, paid time off, leaves of absence, retirement benefits, voluntary benefits, perks, wellness and global well-being, and global EAP, Business Travel and Service Awards programs.

What We Offer

We will give you the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.

You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.

We will encourage you to grow and develop your career with us through our technical and professional development programs and diverse career opportunities. We believe in leadership at all levels. No matter where you sit in the organization you can make a lasting impact on the projects you work on, the teams and committees you join and our business.

We offer competitive pay and benefits, well-being programs to support you and your family, and the development resources you need to advance your career.

When you join us, you will connect and collaborate with a global network of experts – planners, designers, engineers, scientists, consultants, program and construction managers – leading the change toward a more sustainable and equitable future. Join us and let’s get started.

As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.


Country: United States of America

Position Status: Full Time


Additional Locations: US – Charlotte, NC – 6000 Fairview Road, US – Chicago, IL – 303 E Wacker Drive, US – Dallas, TX – 13355 Noel Road, US – Detroit, MI – 2550 Grand Blvd, US – Houston, TX – 19219 Katy Freeway, US – Las Vegas, NV – 13975 Grand Valley Parkway, US – Los Angeles, CA – 300 S Grand Ave, US – Milwaukee, WI – 1555 N Rivercenter Drive, US – Orlando, FL – 20 N Orange Ave, US – Seattle, WA – 1111 3rd Avenue


Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
