Work with Us. Change the World.
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
Job DescriptionAECOM is seeking a Cloud Security Engineer to join the Cybersecurity Engineering team, responsible for driving and enforcing security outcomes across a global multi-cloud environment spanning AWS, Microsoft Azure, and Microsoft m365.
This role focuses on defining control requirements, identifying risk, and ensuring remediation of cloud security issues in partnership with Infrastructure and Application teams, who perform hands-on implementation.
This position offers flexibility for a hybrid work schedule, combining in-office and virtual work, and must be based in Dallas or Houston, TX.
Key Responsibilities:
Cloud Security Governance & Control Oversigh
- Perform Cloud Security Posture management (CSPM)
- Utilize Palo Alto Prisma Cloud and Qualys TotalCloud to identify misconfigurations, vulnerabilities, and deviations from baseline
- Define and initiate remediation requirements for Infrastructure and Application teams
- Track and drive remediation efforts to closure
- Partner with Security Architecture to translate cloud security standards into actionable control requirements
- Ensure adherence to approved cloud security baselines and standards
- Support exception management and risk acceptance processes with Cybersecurity Architecture and Cybersecurity GRC
- Develop and deliver reporting on cloud security posture and risk to Cybersecurity and IT leadership
Cloud Visibility & Risk Management
- Own visibility into cloud security posture across AWS and Azure
- Define risk metrics, prioritization models, and reporting standards
- Improve asset visibility and configuration awareness across cloud environments
Partnership & Enablement
- Partner with Infrastructure and Application teams to ensure secure implementation of controls
- Provide guidance on secure cloud practices aligned with enterprise standards (NIST, CIS)
- Collaborate with stakeholders to prioritize and address security risks
Cloud Logging & Integration
- Support integration of cloud telemetry into enterprise logging and monitoring platforms
- Enhance visibility into cloud activity and control effectiveness
Proofpoint / Email Security (Secondary Responsibility)
- Provide backup support for Proofpoint Email Gateway
- Assist with policy updates, tuning, and troubleshooting mail flow issues
- Ensure continuity of secure email operations
Continuous Improvement
- Drive continuous improvement of cloud security processes, tooling, and reporting
- Stay current with evolving cloud threats and technologies
Minimum Requirements:
- Bachelor’s degree (BA/BS) and at least 6 years of information technology / cybersecurity experience with cloud security focus or demonstrated equivalency of experience and/or education
- Experience with AWS and Microsoft Azure environments
- Experience with CSPM/CNAPP tools (Prisma Cloud, Qualys TotalCloud, CrowdStrike Cloud Security, or similar)
- Strong understanding of cloud security concepts, IAM, and network security
- Experience managing and driving remediation of security issues
Preferred Qualifications:
- Strong communication and stakeholder management skills
- Experience with Proofpoint Email Protection or similar platforms
- Experience with SIEM/logging integrations
- Familiarity with Infrastructure-as-Code concepts
- Understanding of NIST, CIS, ISO 27001
- Cloud security certifications (AWS, Azure) highly preferred
- Experience in large enterprise environments
- Relocation assistance is not available for this position
- Sponsorship for US work authorization is not available for this position, now or in the future
At AECOM, we are committed to maintaining a secure and trustworthy recruitment process and take any fraudulent hiring activity seriously. To support this commitment, all newly hired employees are required to attend an in-person Day 1 onboarding at an AECOM office location as a condition of employment.
About AECOM
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients’ complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2025. Learn more at aecom.com.
What makes AECOM a great place to work
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you’ll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you’ve always envisioned. Here, you’ll find a welcoming workplace built on respect, collaboration and community—where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
Skills Required
- Bachelor's degree (BA/BS) or equivalent experience
- At least 6 years of information technology / cybersecurity experience with cloud security focus
- Experience with AWS
- Experience with Microsoft Azure
- Experience with Microsoft 365
- Experience with CSPM/CNAPP tools (Prisma Cloud, Qualys TotalCloud, CrowdStrike Cloud Security, or similar)
- Strong understanding of cloud security concepts, IAM, and network security
- Experience managing and driving remediation of security issues
- Must be based in Dallas or Houston, TX (hybrid schedule) and attend in-person Day 1 onboarding
- Strong communication and stakeholder management skills
- Experience with Proofpoint Email Protection or similar platforms
- Experience with SIEM/logging integrations
- Familiarity with Infrastructure-as-Code concepts
- Understanding of NIST, CIS, ISO 27001
- Cloud security certifications (AWS, Azure) highly preferred
- Experience in large enterprise environments
AECOM Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about AECOM and has not been reviewed or approved by AECOM.
-
Healthcare Strength — Healthcare coverage includes comprehensive medical, dental, and vision options, with mental health support and specialized programs for cancer screening and surgical care. Regional offerings such as private medical insurance further strengthen access to care.
-
Retirement Support — Retirement programs include a U.S. savings plan with company matching and pension schemes in the U.K. and Ireland. This mix supports long-term financial security across regions.
-
Parental & Family Support — Family support includes parental leave, adoption assistance, childcare support options, and resources like an onsite Mother’s Room. Family medical leave and flexible arrangements further enable caregiving needs.
AECOM Insights
What We Do
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients’ complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
Why Work With Us
Together, we thrive. We’re committed to being the best workplace in our industry – fostering respect, community, and innovation so our people can thrive, drive better outcomes for our clients, and fulfill our purpose of delivering a better world.
Gallery







