Washington Metroplitan Area Transit Authority
Director, Cybersecurity (Risk Management)
Washington Metroplitan Area Transit Authority, Virginia Beach, Virginia, us, 23450
Job Description
Department Marketing Statement:
This is a senior level professional, technical, administrative, and managerial position requiring effective and efficient overall department program management for diverse and complex cybersecurity programs. The Director of Cybersecurity Risk Management develops and maintains a holistic system accreditation, vulnerability identification, and security engineering program, all based on NIST Risk Management Framework and associated doctrine. The Director works closely with other leaders across cybersecurity, IT, and operations to ensure considerable coordination of services and a holistic strategy is formulated and adjusted based on changing environments, requirements and threats. The incumbent innovates to ensure Washington Metropolitan Area Transit Authority (WMATA) has a leading cybersecurity program and collaborates with industry leaders to enhance security performance.
Minimum Qualifications
Education
A Bachelor's Degree in Computer Science, Cybersecurity or a related field. Experience
Ten (10) years of experience managing cybersecurity for a large organization with detailed experience one or more of the following cybersecurity areas: operations and monitoring, risk management, or governance. Preferred
Education
A Master's Degree in Cybersecurity or IT Management Certification/Licensure
One or more of the following:
CompTIA Security+ (SY0-401) (ISC)² Certified Information Systems Security Professional (CISSP) (ISACA) Certified Information Security Manager (CISM) GIAC Security Essentials (GSEC) EC-Council Certified Ethical Hacker (CEH) Medical Group
Satisfactorily complete the medical examination for this position, if required. The incumbent must be able to perform the essential functions of this position either with or without reasonable accommodations.
Job Summary
The Director, Cybersecurity in partnership with two other Directors, manages a team of cybersecurity professionals in the protection of critical transportation infrastructure for WMATA across the national capital region. The incumbent oversees functions including cyber operations, threat intelligence, engineering, architecture, governance, system authorizations and risk management. The Director designs and implements strategic and tactical cybersecurity plans that integrate with larger IT goals and WMATA's mission to deliver safe and reliable services to the public.
Essential Functions
Leads teams of cybersecurity professionals across a broad range of disciplines including risk management, compliance/audits, incident response, security tools, analytics, threat hunting/emulation, security engineering, monitoring/detection, governance, training, and policy creation and implementation. Ensuring compliance with the National Institute of Standards and Technology (NIST) and other applicable policies, laws and governing frameworks. Continuously refines the cybersecurity program by developing innovative strategies and tactical plans across a wide array of cybersecurity programs, leveraging the latest industry research, threat analysis, and lessons learned from internal practices. Ensures that WMATA's cybersecurity program is best-in-class. Develops a professional cadre of cybersecurity experts through mentorship, creating and facilitating professional development opportunities, and quality reviews and feedback of work. Ensures that employees are challenged and provided opportunities to keep pace with continuously evolving cyber threats. Designs, refines, implements and manages a risk-based, repeatable/consistent system security strategy based on the NIST Risk Management Framework(RFM)/Cybersecurity Framework which includes: control selection, system authorization, documenting, and remediating vulnerabilities, managing a Governance Risk and Compliance (GRC) tool, partnering with developers and stakeholders to ensure security is a part of the complete system development life cycle, and continuous monitoring. Ensures that WMATA maintains a thoughtful risk-management framework applied to all systems and applications. Conducts internal security audits of all aspects of the IT architecture for compliance and to determine where vulnerabilities exits, translating findings into Plans of Action and Milestones. Coordinates external audits to ensure WMATA has an effective compliance program that supports risk-prioritized remediation efforts. Leads security monitoring of all environments and incident response to cyber-attacks by: designing comprehensive plans, managing routine exercises, partnering with threat experts and law enforcement, designing and managing a holistic cyber fusion and security operations center, working with external vendors, as well as building and leveraging threat intelligence and analytics programs. Ensures that WMATA has a comprehensive threat monitoring and response program capable of rapidly detecting and responding to attacks. Creates and oversees threat hunting and emulation ("red/blue") efforts designed to detect and repair vulnerabilities across the enterprise based on a strategy tethered to risk and larger corporate future IT goals. Determines where WMATA's architecture lacks sufficient security controls that could be exploited by an adversary. Oversees (designs architecture/integration, procure, configure, manage) a comprehensive suite of security tools and monitoring technologies based on a continuous review of industry tools, security architecture designs, and gaps in the environment to support system authorization. Continuously monitors threat detection and response, hunting, compliance, and related enterprise-level security activities. Ensures that WMATA has a comprehensive set of tools that integrate effectively and keep pace with evolving threats. Develops and manages a dashboard of the enterprise cybersecurity posture depicting weaknesses and corrective activities, by compiling, reviewing and analyzing data from various tools and reporting sources. Develops and manages an innovative and current cybersecurity training and awareness program that looks both internally at developing professionals in the field and educating employees across WMATA. Ensures employees at all levels receive training to prevent security mishaps and build a stronger industry-leading workforce. Develops comprehensive cybersecurity policy that ties to larger IT policy, integrates with security architecture, anticipates future risk areas, and is based on industry-leading best practices, policy and laws. Ensures that WMATA has policy that guides the organization, manages compliance and risk, and defines key roles and partnerships. The essential duties listed are not intended to limit specific duties and responsibilities of any particular position. Nor is it intended to limit in any way the right of managers and supervisors to assign, direct and control the work of employees under their supervision.
Evaluation Criteria
Consideration will be given to applicants whose resumes demonstrate the required education and experience. Applicants should include all relevant education and work experience.
Evaluation criteria may include one or more of the following:
Skills and/or behavioral assessment Personal interview Verification of education and experience (including certifications and licenses) Criminal Background Check (a criminal conviction is not an automatic bar to employment) Medical examination including a drug and alcohol screening (for safety sensitive positions) Review of a current motor vehicle report
Closing
WMATA is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by applicable federal law.
This posting is an announcement of a vacant position under recruitment. It is not intended to replace the official job description. Job descriptions are available upon confirmation of an interview.
Department Marketing Statement:
This is a senior level professional, technical, administrative, and managerial position requiring effective and efficient overall department program management for diverse and complex cybersecurity programs. The Director of Cybersecurity Risk Management develops and maintains a holistic system accreditation, vulnerability identification, and security engineering program, all based on NIST Risk Management Framework and associated doctrine. The Director works closely with other leaders across cybersecurity, IT, and operations to ensure considerable coordination of services and a holistic strategy is formulated and adjusted based on changing environments, requirements and threats. The incumbent innovates to ensure Washington Metropolitan Area Transit Authority (WMATA) has a leading cybersecurity program and collaborates with industry leaders to enhance security performance.
Minimum Qualifications
Education
A Bachelor's Degree in Computer Science, Cybersecurity or a related field. Experience
Ten (10) years of experience managing cybersecurity for a large organization with detailed experience one or more of the following cybersecurity areas: operations and monitoring, risk management, or governance. Preferred
Education
A Master's Degree in Cybersecurity or IT Management Certification/Licensure
One or more of the following:
CompTIA Security+ (SY0-401) (ISC)² Certified Information Systems Security Professional (CISSP) (ISACA) Certified Information Security Manager (CISM) GIAC Security Essentials (GSEC) EC-Council Certified Ethical Hacker (CEH) Medical Group
Satisfactorily complete the medical examination for this position, if required. The incumbent must be able to perform the essential functions of this position either with or without reasonable accommodations.
Job Summary
The Director, Cybersecurity in partnership with two other Directors, manages a team of cybersecurity professionals in the protection of critical transportation infrastructure for WMATA across the national capital region. The incumbent oversees functions including cyber operations, threat intelligence, engineering, architecture, governance, system authorizations and risk management. The Director designs and implements strategic and tactical cybersecurity plans that integrate with larger IT goals and WMATA's mission to deliver safe and reliable services to the public.
Essential Functions
Leads teams of cybersecurity professionals across a broad range of disciplines including risk management, compliance/audits, incident response, security tools, analytics, threat hunting/emulation, security engineering, monitoring/detection, governance, training, and policy creation and implementation. Ensuring compliance with the National Institute of Standards and Technology (NIST) and other applicable policies, laws and governing frameworks. Continuously refines the cybersecurity program by developing innovative strategies and tactical plans across a wide array of cybersecurity programs, leveraging the latest industry research, threat analysis, and lessons learned from internal practices. Ensures that WMATA's cybersecurity program is best-in-class. Develops a professional cadre of cybersecurity experts through mentorship, creating and facilitating professional development opportunities, and quality reviews and feedback of work. Ensures that employees are challenged and provided opportunities to keep pace with continuously evolving cyber threats. Designs, refines, implements and manages a risk-based, repeatable/consistent system security strategy based on the NIST Risk Management Framework(RFM)/Cybersecurity Framework which includes: control selection, system authorization, documenting, and remediating vulnerabilities, managing a Governance Risk and Compliance (GRC) tool, partnering with developers and stakeholders to ensure security is a part of the complete system development life cycle, and continuous monitoring. Ensures that WMATA maintains a thoughtful risk-management framework applied to all systems and applications. Conducts internal security audits of all aspects of the IT architecture for compliance and to determine where vulnerabilities exits, translating findings into Plans of Action and Milestones. Coordinates external audits to ensure WMATA has an effective compliance program that supports risk-prioritized remediation efforts. Leads security monitoring of all environments and incident response to cyber-attacks by: designing comprehensive plans, managing routine exercises, partnering with threat experts and law enforcement, designing and managing a holistic cyber fusion and security operations center, working with external vendors, as well as building and leveraging threat intelligence and analytics programs. Ensures that WMATA has a comprehensive threat monitoring and response program capable of rapidly detecting and responding to attacks. Creates and oversees threat hunting and emulation ("red/blue") efforts designed to detect and repair vulnerabilities across the enterprise based on a strategy tethered to risk and larger corporate future IT goals. Determines where WMATA's architecture lacks sufficient security controls that could be exploited by an adversary. Oversees (designs architecture/integration, procure, configure, manage) a comprehensive suite of security tools and monitoring technologies based on a continuous review of industry tools, security architecture designs, and gaps in the environment to support system authorization. Continuously monitors threat detection and response, hunting, compliance, and related enterprise-level security activities. Ensures that WMATA has a comprehensive set of tools that integrate effectively and keep pace with evolving threats. Develops and manages a dashboard of the enterprise cybersecurity posture depicting weaknesses and corrective activities, by compiling, reviewing and analyzing data from various tools and reporting sources. Develops and manages an innovative and current cybersecurity training and awareness program that looks both internally at developing professionals in the field and educating employees across WMATA. Ensures employees at all levels receive training to prevent security mishaps and build a stronger industry-leading workforce. Develops comprehensive cybersecurity policy that ties to larger IT policy, integrates with security architecture, anticipates future risk areas, and is based on industry-leading best practices, policy and laws. Ensures that WMATA has policy that guides the organization, manages compliance and risk, and defines key roles and partnerships. The essential duties listed are not intended to limit specific duties and responsibilities of any particular position. Nor is it intended to limit in any way the right of managers and supervisors to assign, direct and control the work of employees under their supervision.
Evaluation Criteria
Consideration will be given to applicants whose resumes demonstrate the required education and experience. Applicants should include all relevant education and work experience.
Evaluation criteria may include one or more of the following:
Skills and/or behavioral assessment Personal interview Verification of education and experience (including certifications and licenses) Criminal Background Check (a criminal conviction is not an automatic bar to employment) Medical examination including a drug and alcohol screening (for safety sensitive positions) Review of a current motor vehicle report
Closing
WMATA is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by applicable federal law.
This posting is an announcement of a vacant position under recruitment. It is not intended to replace the official job description. Job descriptions are available upon confirmation of an interview.