San Mateo County Transit District
Cybersecurity Architect
San Mateo County Transit District, San Carlos, California, United States, 94071
Salary :
$121,791.80 - $182,687.96 Annually
Location :
San Carlos, CA
Job Type:
Full-Time
Job Number:
2024-00140
Division:
IT
Department:
IT & Telecommunications
Opening Date:
10/25/2024
Closing Date:
1/5/2025 11:59 PM Pacific
General
The Cybersecurity Architect will report to the Director of IT Infrastructure & Cybersecurity and will be responsible for the design, development, and implementation of information security solutions and processes that are aligned with the District's Cybersecurity Program. The District's Cybersecurity Program is the implementation of information security governance and controls for the San Mateo County Transit District (SamTrans), the Peninsula Corridor Joint Powers Board (Caltrain), and the San Mateo County Transportation Authority (TA).
APPLICATION DEADLINE: Sunday, January 5th, 2025 (1st cutoff November 17th, 2024)Essential Functions & Duties
Act as a resident subject matter expert in information security, including strategies to secure multiple cloud-based tenants, on-premises virtual infrastructure, computer systems, networks, telecommunications, and applications.
Coordinate and manage the District's information security activities and programs, and participate in, and occasionally chair, the District's interdepartmental cybersecurity committee.
Plan, design, implement, and then perform ongoing monitoring and analysis of information security measures and controls related to the District's computer networks and other technology systems. Align information security activities with business risk priorities through prioritization of security risk and mitigation activities.
Improve data security through the mitigation of cybersecurity risks and safeguarding the District's computer networks and related systems against security intrusions.
Investigate and lead response activity for observed or reported data security incidents.
Provide hands-on support for a broad spectrum of technologies, including security software running on Windows and Linux systems, network devices, virtual machines, Cloud Infrastructure as well as software-as-service (SaaS) services.
Collaborate with internal and external stakeholders in implementing and supporting technical projects, and for operational support of production platforms.
Supervise staff. Hires, mentors, and takes appropriate corrective and/or disciplinary action. Participates in the hiring of staff, contractors, and consultants, establishes performance objectives, monitors and evaluates employee performance.Examples of Duties:
Develops, implements, and monitors the District's Cybersecurity Program to protect the confidentiality, integrity, availability, privacy, and recoverability of information assets owned, controlled, or/and processed by the District.
Develops a metrics and reporting framework to measure the efficiency and effectiveness of the District's Cybersecurity Program, provide analysis of the metrics and recommend improvements, and report on the effectiveness of the program at all levels of management.
Identifies, evaluates, and reports on cybersecurity risk related to assets. Recommends, and upon approval implements, measures to address identified risks in line with the District's goals for risk management.
Ensures organizational compliance with the District's information security policies, standards, and procedures; responsible for maintaining an exception process that authorizes and documents all exceptions; and maintains a repository of all exceptions.
Acts in a leadership role for all information security related audit work (internal & external). Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations.
Provides security guidance for all IT projects, including the evaluation and recommendation of technical controls, and reviewing and recommending security protections to be included in contracts and other agreements.
Responsible for conducting a security awareness training program that includes progressive training of all staff, creating and distributing regular communications in a variety of media of timely and relevant security information, monitoring the effectiveness of the security awareness training program, and recommending improvements to the program as needed.
Responsible for oversight of the District's PCI compliance program. This includes coordinating an annual PCI compliance assessment, monitoring changes to the PCI Data Security Standard, and implementing changes to security protections to stay compliant with changing regulations.
Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Conduct cybersecurity vulnerability testing and risk analysis
Maintain relationships with local, state, and federal law enforcement and other related government agencies to ensure that the organization is prepared for effective incident response.
Perform all job duties and responsibilities in a safe manner to protect oneself, fellow employees, and the public from injury or harm. Promote safety awareness and follow safety procedures to reduce or eliminate accidents.
Perform other duties as assigned.Supervision:
Works under the general supervision of the Director of IT Infrastructure & Cybersecurity, who establishes goals and objectives and evaluates performance.
Minimum Qualifications
Sufficient education, training, and experience to demonstrate the knowledge and ability to successfully perform the essential functions of the position. Development of the required knowledge and abilities is typically obtained through but not limited to:
Bachelor's degree in information security, management information systems, information technology, or a closely related field.
Five (5) years of experience managing information security programs and initiatives.Preferred Qualifications:
Certified CISSP, CISM, GSE, or other relevant security certifications.Experience managing compliance with information security standards, such as NIST Cybersecurity Framework, CIS Critical Security Controls, PCI-DSS, or ISO 27000.
Hands-on experience installing and administering security systems and tools, including firewalls, IDS/IPS, SIEM, manage antivirus/antimalware, patch management, log analyzers, network tracers, vulnerability scanners, and centralized policies.
Strong knowledge in the following areas: Cloud Security, Identity and Access Management, Application Whitelisting, Threat and Vulnerability Management, Data Loss Prevention, and operating systems security for Windows and Linux environments.
Expert level technical and operational understanding of TCP/IP and security protocols, network defense, and security related technologies including encryption, VPNs, firewalls, proxy services, and IDS/IPS, Windows Active Directory, VMwareStrong working understanding and knowledge of Windows and Linux Operating Systems.
Knowledge and depth and/or breadth of expertise in informational technology disciplines e.g., network operations, databases, software application and interfaces, computer operations, production control, quality assurance and systems management.
Two (2) or more years of project management experience with technology projects.
Excellent verbal, written, organizational, presentation, and interpersonal communications skills.The selection process may include a panel interview, written and skills test assessments, or supplemental questions. Only those candidates who are the most qualified will continue in the selection process. Meeting the minimum qualifications does not guarantee an invitation to continue in the process.
How to Apply
Complete an online employment application by 11:59 p.m. of the listed closing date. A resume will not be accepted in lieu of the application. Incomplete applications will not be considered.The Human Resources Department will make reasonable efforts in the recruitment/examination process to accommodate applicants with disabilities upon request. If you have a need for an accommodation, please contact the Human Resources Department.We celebrate diversity and are committed to creating an inclusive and welcoming workplace environment. We are an Affirmative Action/Equal Opportunity Employer. Minorities, Women, Persons with Disabilities and Veterans are encouraged to apply.Below is a summary of the comprehensive benefits provided to District full-time employees:
Health and Welfare Benefits:
Healthcare Benefits -District employees are offered a choice of healthcare providers under the CalPERS Health Benefits Program. The District will contribute ninety (90) percent towards monthly premiums for full-time employees. Fifty (50) percent for part-time employees.
Free Dental and Vision Benefits provided - Employer Covers Premiums
Free Employee Assistance Benefit - Employees are entitled to 5 face-to-face sessions or telephonic or web-video consultations for problem-solving support per incident, per calendar year.Flexible Spending Accounts - Pre-tax dollars to pay for qualified Health or Dependent Care expenses.Retirement Medical Benefits:
Long Term Disability Insurance - After 90 days of total disability, Administrative full-time employees are eligible for 60% of monthly income covered by the District.
Health and Wellness - Gyms located at most work locations and discounted Weight Watcher Membership Option.Holidays and Paid Time Off:
Paid Time Off - Newly hired employees accrue 6.5 hours bi-weekly when hired (if Exempt 8.25 hours). As you move up in years of service credit, the rate of the amount of PTO accrued will also increase.
Paid Holidays - The District provides seven paid holidays throughout the year - New Years Day, Martin Luther King Jr. Day, Memorial Day, Independence Day (July 4th), Labor Day, Thanksgiving Day and Christmas Day
Floating Holidays - District employees can earn up to five (5) floating holidays.Financial Planning Benefits:
Pension Benefits through CalPERS -You must have a minimum of 5 years of service to be eligible for this pension.CalPERS PEPRA vs. Classic - All employees hired on, or after January 1, 2013, are considered PEPRA members and will contribute 8% of their salary up to the maximum IRS cut-off. All Classic members will contribute 6%
Deferred Compensation Options - Select to contribute to one or both of our Tax Deferred Compensation Options
Reliance Standard Life Insurance with 100% premium paid by the District - 1 times annual salary of employee - max $200,000
Optional Life Insurance - Employees may purchase additional life insurance for themselves and their eligible family members.Growth and Education Benefits:
Professional Development - Access to LinkedIn Learning and San Mateo County's professional training. District Tuition Reimbursement Program - A maximum of $5,250 per year for courses related to your job or career goals with the District.
Computer Loan Program - Interest-free two-year loan with a maximum amount of $2,000.Other Amazing Benefits:
Credit Union - Employees and family members are eligible to join the San Mateo Credit Union and Patelco Credit Union.
Employee Clean Commute (ECC) - Car/Van poolers and Public Transit riders receive a monthly reimbursement.
Commuter Benefits - Free Employee Parking; Free Bus Pass for employee as well as children/spouse; Clipper Card/Go Pass Program for Central employees.
For union employees, all of the above benefits are subject to the employee's Collective Bargaining Agreement. Benefits listed are also subject to change with or without notice and are subject to contract/provider terms and conditions.
01
Do you hold a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Expert (GSE), or any other relevant security certification?
YesNo
02
Do you have a Bachelor's degree in Information Security, Management Information Systems, Information Technology, or a closely related field?
YesNo
03
Do you have Five (5) years of experience managing information security programs and initiatives?
YesNo
04
Do you have hands-on experience installing and administering security systems and tools, such as firewalls, IDS/IPS, SIEM, antivirus/antimalware management, patch management, log analyzers, network tracers, vulnerability scanners, and centralized policies?
YesNo
Required Question
$121,791.80 - $182,687.96 Annually
Location :
San Carlos, CA
Job Type:
Full-Time
Job Number:
2024-00140
Division:
IT
Department:
IT & Telecommunications
Opening Date:
10/25/2024
Closing Date:
1/5/2025 11:59 PM Pacific
General
The Cybersecurity Architect will report to the Director of IT Infrastructure & Cybersecurity and will be responsible for the design, development, and implementation of information security solutions and processes that are aligned with the District's Cybersecurity Program. The District's Cybersecurity Program is the implementation of information security governance and controls for the San Mateo County Transit District (SamTrans), the Peninsula Corridor Joint Powers Board (Caltrain), and the San Mateo County Transportation Authority (TA).
APPLICATION DEADLINE: Sunday, January 5th, 2025 (1st cutoff November 17th, 2024)Essential Functions & Duties
Act as a resident subject matter expert in information security, including strategies to secure multiple cloud-based tenants, on-premises virtual infrastructure, computer systems, networks, telecommunications, and applications.
Coordinate and manage the District's information security activities and programs, and participate in, and occasionally chair, the District's interdepartmental cybersecurity committee.
Plan, design, implement, and then perform ongoing monitoring and analysis of information security measures and controls related to the District's computer networks and other technology systems. Align information security activities with business risk priorities through prioritization of security risk and mitigation activities.
Improve data security through the mitigation of cybersecurity risks and safeguarding the District's computer networks and related systems against security intrusions.
Investigate and lead response activity for observed or reported data security incidents.
Provide hands-on support for a broad spectrum of technologies, including security software running on Windows and Linux systems, network devices, virtual machines, Cloud Infrastructure as well as software-as-service (SaaS) services.
Collaborate with internal and external stakeholders in implementing and supporting technical projects, and for operational support of production platforms.
Supervise staff. Hires, mentors, and takes appropriate corrective and/or disciplinary action. Participates in the hiring of staff, contractors, and consultants, establishes performance objectives, monitors and evaluates employee performance.Examples of Duties:
Develops, implements, and monitors the District's Cybersecurity Program to protect the confidentiality, integrity, availability, privacy, and recoverability of information assets owned, controlled, or/and processed by the District.
Develops a metrics and reporting framework to measure the efficiency and effectiveness of the District's Cybersecurity Program, provide analysis of the metrics and recommend improvements, and report on the effectiveness of the program at all levels of management.
Identifies, evaluates, and reports on cybersecurity risk related to assets. Recommends, and upon approval implements, measures to address identified risks in line with the District's goals for risk management.
Ensures organizational compliance with the District's information security policies, standards, and procedures; responsible for maintaining an exception process that authorizes and documents all exceptions; and maintains a repository of all exceptions.
Acts in a leadership role for all information security related audit work (internal & external). Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations.
Provides security guidance for all IT projects, including the evaluation and recommendation of technical controls, and reviewing and recommending security protections to be included in contracts and other agreements.
Responsible for conducting a security awareness training program that includes progressive training of all staff, creating and distributing regular communications in a variety of media of timely and relevant security information, monitoring the effectiveness of the security awareness training program, and recommending improvements to the program as needed.
Responsible for oversight of the District's PCI compliance program. This includes coordinating an annual PCI compliance assessment, monitoring changes to the PCI Data Security Standard, and implementing changes to security protections to stay compliant with changing regulations.
Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Conduct cybersecurity vulnerability testing and risk analysis
Maintain relationships with local, state, and federal law enforcement and other related government agencies to ensure that the organization is prepared for effective incident response.
Perform all job duties and responsibilities in a safe manner to protect oneself, fellow employees, and the public from injury or harm. Promote safety awareness and follow safety procedures to reduce or eliminate accidents.
Perform other duties as assigned.Supervision:
Works under the general supervision of the Director of IT Infrastructure & Cybersecurity, who establishes goals and objectives and evaluates performance.
Minimum Qualifications
Sufficient education, training, and experience to demonstrate the knowledge and ability to successfully perform the essential functions of the position. Development of the required knowledge and abilities is typically obtained through but not limited to:
Bachelor's degree in information security, management information systems, information technology, or a closely related field.
Five (5) years of experience managing information security programs and initiatives.Preferred Qualifications:
Certified CISSP, CISM, GSE, or other relevant security certifications.Experience managing compliance with information security standards, such as NIST Cybersecurity Framework, CIS Critical Security Controls, PCI-DSS, or ISO 27000.
Hands-on experience installing and administering security systems and tools, including firewalls, IDS/IPS, SIEM, manage antivirus/antimalware, patch management, log analyzers, network tracers, vulnerability scanners, and centralized policies.
Strong knowledge in the following areas: Cloud Security, Identity and Access Management, Application Whitelisting, Threat and Vulnerability Management, Data Loss Prevention, and operating systems security for Windows and Linux environments.
Expert level technical and operational understanding of TCP/IP and security protocols, network defense, and security related technologies including encryption, VPNs, firewalls, proxy services, and IDS/IPS, Windows Active Directory, VMwareStrong working understanding and knowledge of Windows and Linux Operating Systems.
Knowledge and depth and/or breadth of expertise in informational technology disciplines e.g., network operations, databases, software application and interfaces, computer operations, production control, quality assurance and systems management.
Two (2) or more years of project management experience with technology projects.
Excellent verbal, written, organizational, presentation, and interpersonal communications skills.The selection process may include a panel interview, written and skills test assessments, or supplemental questions. Only those candidates who are the most qualified will continue in the selection process. Meeting the minimum qualifications does not guarantee an invitation to continue in the process.
How to Apply
Complete an online employment application by 11:59 p.m. of the listed closing date. A resume will not be accepted in lieu of the application. Incomplete applications will not be considered.The Human Resources Department will make reasonable efforts in the recruitment/examination process to accommodate applicants with disabilities upon request. If you have a need for an accommodation, please contact the Human Resources Department.We celebrate diversity and are committed to creating an inclusive and welcoming workplace environment. We are an Affirmative Action/Equal Opportunity Employer. Minorities, Women, Persons with Disabilities and Veterans are encouraged to apply.Below is a summary of the comprehensive benefits provided to District full-time employees:
Health and Welfare Benefits:
Healthcare Benefits -District employees are offered a choice of healthcare providers under the CalPERS Health Benefits Program. The District will contribute ninety (90) percent towards monthly premiums for full-time employees. Fifty (50) percent for part-time employees.
Free Dental and Vision Benefits provided - Employer Covers Premiums
Free Employee Assistance Benefit - Employees are entitled to 5 face-to-face sessions or telephonic or web-video consultations for problem-solving support per incident, per calendar year.Flexible Spending Accounts - Pre-tax dollars to pay for qualified Health or Dependent Care expenses.Retirement Medical Benefits:
Long Term Disability Insurance - After 90 days of total disability, Administrative full-time employees are eligible for 60% of monthly income covered by the District.
Health and Wellness - Gyms located at most work locations and discounted Weight Watcher Membership Option.Holidays and Paid Time Off:
Paid Time Off - Newly hired employees accrue 6.5 hours bi-weekly when hired (if Exempt 8.25 hours). As you move up in years of service credit, the rate of the amount of PTO accrued will also increase.
Paid Holidays - The District provides seven paid holidays throughout the year - New Years Day, Martin Luther King Jr. Day, Memorial Day, Independence Day (July 4th), Labor Day, Thanksgiving Day and Christmas Day
Floating Holidays - District employees can earn up to five (5) floating holidays.Financial Planning Benefits:
Pension Benefits through CalPERS -You must have a minimum of 5 years of service to be eligible for this pension.CalPERS PEPRA vs. Classic - All employees hired on, or after January 1, 2013, are considered PEPRA members and will contribute 8% of their salary up to the maximum IRS cut-off. All Classic members will contribute 6%
Deferred Compensation Options - Select to contribute to one or both of our Tax Deferred Compensation Options
Reliance Standard Life Insurance with 100% premium paid by the District - 1 times annual salary of employee - max $200,000
Optional Life Insurance - Employees may purchase additional life insurance for themselves and their eligible family members.Growth and Education Benefits:
Professional Development - Access to LinkedIn Learning and San Mateo County's professional training. District Tuition Reimbursement Program - A maximum of $5,250 per year for courses related to your job or career goals with the District.
Computer Loan Program - Interest-free two-year loan with a maximum amount of $2,000.Other Amazing Benefits:
Credit Union - Employees and family members are eligible to join the San Mateo Credit Union and Patelco Credit Union.
Employee Clean Commute (ECC) - Car/Van poolers and Public Transit riders receive a monthly reimbursement.
Commuter Benefits - Free Employee Parking; Free Bus Pass for employee as well as children/spouse; Clipper Card/Go Pass Program for Central employees.
For union employees, all of the above benefits are subject to the employee's Collective Bargaining Agreement. Benefits listed are also subject to change with or without notice and are subject to contract/provider terms and conditions.
01
Do you hold a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Expert (GSE), or any other relevant security certification?
YesNo
02
Do you have a Bachelor's degree in Information Security, Management Information Systems, Information Technology, or a closely related field?
YesNo
03
Do you have Five (5) years of experience managing information security programs and initiatives?
YesNo
04
Do you have hands-on experience installing and administering security systems and tools, such as firewalls, IDS/IPS, SIEM, antivirus/antimalware management, patch management, log analyzers, network tracers, vulnerability scanners, and centralized policies?
YesNo
Required Question