To be considered for this vacancy, follow these steps:
1 - Place the Control Code found below in the upper right hand corner of your resume.
2. - Make sure to include current salary and asking salary with your resume 3 - Ensure that your resume is received by this office by the Due Date provided below.
4 - Make sure that your resume includes a chronological work history.
5 - Send your resume to this address:
MTA Bridges and Tunnels
Employment Services - Resume Review Section
2 Broadway, 22nd Floor.
New York, New York 10004
or fax to 646-252-7949 or
Email Address: Apply@mtabt.org
|Resume Due Date:||6/5/2013|
|Job Title:||Cyber Security Operations Manager|
|Department/Division:||Technology/Network Operations & Security|
|Work Location:||2 Broadway|
|(Actual salary offers are made subject to the salary administration policy and are made considering a number of factors including, but not limited to, the selected candidate’s salary and work history.)|
|Overtime Eligibility:||Not eligible for paid overtime in accordance with FLSA|
The Cyber Security Operations Manager will oversee all cyber security activities, incidents and events and will oversee all network, system and application security monitoring and mitigation. The candidate will be responsible for situational security awareness by pulling together information from a variety of systems and normalizing and correlating the information. The individual working with a team will provide real-time detection and reaction services for information cyber security incidents within the Authority. The candidate will also oversee training, change management and knowledge transfer. Additional responsibilities will include:
- Oversee implementation of new security technologies and lead automation of monitoring administrative tools
- Coordinate with developers and database/system administrators to incorporate best security practices
- Periodic reviews of the corporate, electronic security, E-Z Pass and SCADA systems to identify vulnerabilities for corrective actions.
- Ensure work processes and products are in compliance with all PCI, HIPAA and MTA/NYS requirements and standards.
- Oversee the development and maintenance of standard procedures and policies Coordinate with internal and external agency representatives and team members to develop security policies and procedures
- Participate and coordinate in security activities with the MTA Security committees and teams and the NYS Office of Cyber Security
Additional responsibilities will include but are not limited to:
- Provide detection and response to cyber security events and incidents
- Security log management and monitoring
- Intrusion detections and prevention systems operations
- Vulnerability detection, assessment, and mitigation
- Risk assessment and deployment coordination of security patches
- Antivirus management and operations
- Develop and maintaining information security metrics
- Administrative and service account creation
- Enterprise encryption standards development and support
- Maintain growing knowledge of industry trends relating to security management and services
- Oversee identification and documentation of unique local cyber threats/vulnerabilities
- Oversees implementation of security features for the detection of malicious code, viruses, and intruders as appropriate
- Ensure protection and corrective measures on all identified findings and vulnerabilities as a result of auditing, logging & incidents.
- Manage and supervise technical staff in day to day activities
- 2+ years of managing people in an IT environment
- 5+ years of experience in information security working in an enterprise environment
- 5+ years of experience working with Microsoft Windows, Apple, Linux, Cisco and RSA
- Bachelor’s Degree in Information Security Management, Computer Science or similar discipline
- Ability to demonstrate a deep understanding of security architectures, policies, and security capabilities of major operating systems & platforms such as: Windows Server 2000 and up, Linux, Virtualization, Database Security, Cloud Security, Unix Web Apps, Firewalls, Active Directory Services, and Routers & Switches
- Strong analytical, documentation, and communication skills
- CISSP or CISSM certified
Specialized Knowledge Preferred:
- Security log management experience
- Understanding of IDS & IPS technologies
- Knowledge of live forensics with enterprise forensics tools
- Understanding of network traffic analysis
- Some departmental budget management
- Understanding of basic Windows registry and Windows event log analysis.
- Experience with enterprise information security data management tools such as BindView, Envision, Cisco Secure ACS, McAfee EPO, Nessus, Encasev7
- Knowledge of two or more of the following languages (Perl, Python, C++, Ruby, SQL, HTML, CSS, XSLT, XML or Java)
- Google Translate