Vacancy expired!
Description
Job Title: Cybersecurity Engineer Levels 1-7, OT Privileged Access Management Salary Range: Level 1: $82,857.04 - $105,000 Level 2: $87,685.20 - $115,500 Level 3: $95,929.32 - $127,050 Level 4: $102,760.32 -$139,755 Level 5: $114,537.24 -$153,731 Level 6: $124,311.32 -$169,104 Level 7: $140,917.09 -$186,014 POINTS: Level 1 - 282 Level 2 - 323 Level 3 - 393 Level 4 - 451 Level 5 - 551 Level 6 - 634 Level 7 - 775 DEPT/DIV: MTA Information Technology/ Office of IT Cyber Security Services SUPERVISOR: Director, Identity and Access Management LOCATION: 2 Broadway, New York, NY 10004 HOURS OF WORK: 9AM to 5:30PM(7.5 hours) This position is eligible for telework which is currently two days per week. New hires are eligible to apply 30 days after their effective date of hire. In order to protect our employees and continue to provide safe and reliable service to our communities, as of November 14, 2021, we are requiring all new MTA hires to be fully vaccinated against COVID-19 prior to their start date. MTA will consider exceptions for religious and medical reasons, where appropriate. "Fully vaccinated" means you must have both doses of a 2-dose vaccine and two weeks have elapsed since the second dose or have received 1 dose of a 1-dose vaccine and two weeks have elapsed since the dose. Proof of your vaccination status in the form of a CDC vaccine card must be submitted prior to your start date. The purpose of this position is to provide critical technical expertise in managing and analyzing cybersecurity risks. Cybersecurity Engineer will be experienced OT privilege access management and access controls specialist within identity and access management team ensuring the security of our industrial control systems (ICS) Cybersecurity Engineer will be responsible for developing and implementing security controls for these systems, including access controls, identity for firewalls, intrusion detection/prevention systems, leaset privilege and other security measures As well as ensuring compliance with industry standards such as NIST SP 800-82 and IEC 62443 and keeping up-to-date with the latest developments in these systems security. Developing and implementing access security controls for industrial control systems (ICS) such as Distributed control systems (DCS), Programmable logic controllers (PLC), Remote terminal units (RTU), Intelligent electronic devices (IED), Human-machine interfaces (HMI), Supervisory software, Industrial communication networks and Industrial data historians. Level 1- Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Basic knowledge and familiarity with installing, maintaining and troubleshooting technology systems.
- Proven ability to troubleshoot and support technical issues.
- Proven ability to analyze a security risk assessment
- Proven ability to troubleshoot and support technical issues.
- Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Understanding of Operating Systems and Configuration Hardening.
- Understanding of security concepts for technical domain
- Proven ability to troubleshoot and support technical issues using standardized procedures.
- Proven ability to analyze a security risk assessment or conduct one with guidance
- Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Proficient in Operating Systems and Configuration Hardening.
- Understanding of security concepts for technical domain.
- Proven ability to independently evaluate and resolve most problems within an area of infrastructure, applications within a security domain context.
- Proven ability to analyze and/or conduct a security risk assessment
- Advanced understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Progressive cybersecurity related accomplishments.
- Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology including its impact on other technologies.
- Proven ability to analyze and/or conduct a security risk assessment.
- Advanced understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Requires seasoned expertise in multiple technologies and strong understanding of the current and future technology architecture, including the inter-operability of technologies.
- Advanced ability to conduct and analyze a security risk assessment
- Expert understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Significant practical expertise in cybersecurity related disciplines
- Requires seasoned expertise in multiple security domains, technologies and strong understanding of the current and future technology and security architecture, including the inter-operability of security solutions and technologies.
- Requires proven track record of successful implementation of architectural designs.
- Requires proven track record in configuration and hardening of systems
- Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- Basic knowledge and familiarity with monitoring, installing, maintaining and/or troubleshooting cybersecurity related issues associated to applications and/or infrastructure systems
- Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree and 2+ years of relevant experience, or a bachelor's degree in Computer Science or related fields.
- Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- 2+ years of relevant experience.
- CISSP or other advanced security-related certification preferred but not required.
- Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)
- Requires prior experience with installing, maintaining and troubleshooting technology systems.
- Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- Current CISSP or other advanced security-related certification preferred but not required.
- Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)
- 3+ years of relevant experience or 18 months of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)
- Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- 5+ years of relevant experience or 2.5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
- CISSP or other advanced security-related certification preferred
- Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)
- Current and updated security certification
- Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- 8+ years of relevant experience or 4 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.) CISSP or other advanced security-related certification preferred.
- Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)
- Verifiable implementation of security domain controls for enterprise technologies
- Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
- 10+ years of relevant technology based or cybersecurity experience or 5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
- CISSP and other advanced security-related certification preferred
- ID: #49919706
- State: New York New york city 10001 New york city USA
- City: New york city
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2023-05-12
- Deadline: 2023-07-10
- Category: Et cetera