AECOM’s Technology Solutions Group (TSG) seeks a Technology & Security Consultant III to work independently on projects for Federal clients. You will perform cybersecurity assessments of operational technology and industrial control systems, support the Risk Management Framework (RMF), and develop critical security documentation. This role requires an active Secret or Top-Secret Security Clearance and is open to remote work with occasional travel.
What You'll Do
- Perform cybersecurity assessments of OT/ICS environments, including SCADA systems, PLCs, RTUs, HMIs, field devices, and supporting network infrastructure.
- Identify vulnerabilities, analyze risk posture, and develop actionable remediation plans aligned with industry standards and federal requirements.
- Support implementation and documentation of controls in accordance with the Risk Management Framework (RMF) and applicable cybersecurity frameworks.
- Develop and maintain required cybersecurity documentation, including System Security Plans (SSPs), security assessment reports, Plans of Action & Milestones (POA&Ms), and related compliance artifacts.
- Collaborate with engineering, network, and project management teams to ensure cybersecurity requirements are integrated into system design and deployment.
- Support Authority to Operate (ATO) efforts and ongoing compliance monitoring activities.
- Conduct technical reviews, analyze system configurations, and recommend improvements to enhance system resilience and regulatory compliance.
- Provide clear, concise, and technically sound written deliverables for Federal clients.
- Support project planning, scheduling, and execution activities as needed.
What We're Looking For
- BA/BS in Cybersecurity, Information Technology, Engineering or related field plus 4 years of related experience or demonstrated equivalency of experience and education.
- 4+ years of relevant industry experience in OT/ICS cybersecurity.
- Experience securing SCADA, PLC, and industrial network environments.
- Experience with cybersecurity frameworks and Risk Management Framework (RMF).
- Due to the nature of this work, US Citizenship is required.
- Experience supporting DoD, DHS, or other Federal agencies.
- Active Secret or Top-Secret Security Clearance.
Nice to Have
- Knowledge of cybersecurity and privacy laws, regulations, and compliance standards.
- Experience conducting security risk assessments and developing remediation plans.
- Previous experience supporting Federal projects.
- Experience developing and maintaining Authority to Operate (ATO) packages.
- Hands-on experience with vulnerability management, network segmentation, and system hardening in OT environments.
- Security+, CISSP, CISM, or equivalent industry certifications are a plus.
- Strong technical writing, analytical, and governance skills.
Team & Environment
This role is part of the Technology Solutions Group (TSG) within the Buildings + Places practice.
Benefits & Compensation
- Medical, dental, vision, life, AD&D, disability benefits
- Paid time off, leaves of absences
- Voluntary benefits, perks, flexible work options
- Well-being resources, employee assistance program
- Business travel insurance, service recognition awards
- Retirement savings plan, employee stock purchase plan
Work Mode
This position offers a hybrid work mode, with remote work supported and occasional travel required.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
