Manager Cybersecurity OT Infrastructure & Safety

Job ID: 8035

Business Unit: MTA Headquarters

Location: New York, NY, United States

Regular/Temporary: Regular

Department: IT CISO

Date Posted: Jul 16, 2024

Description

JOB TITLE: Manager Cybersecurity OT Infrastructure & Safety

SALARY RANGE: $156,275 - $184,456

HAY POINTS: 805

DEPT/DIV: Information Technology / Cybersecurity

SUPERVISOR: Cybersecurity Director, IT Cyber Security

LOCATION: Various/ 2 Broadway New York, NY 10004

HOURS OF WORK: 9:00 am - 5:30 pm (7.5 hours or as required)

This position is eligible for telework which is currently two day per week. New hires are eligible to apply 30 days after their effective date of hire.

About us:

The MTA transportation network has very large systems and infrastructure for financial, business, automated train, transportation, power, and physical security. The MTA IT Department is centrally responsible for providing a full range of Information and Operational Technology services to the MTA agencies and administrative units through its operating and support units.

MTA IT Cybersecurity is responsible for protecting the organization’s users, corporate and critical infrastructure systems. Leveraging industry best practices and regulatory guidance, the team manages a host of tools and programs focused on reducing cyber risk to the MTA. The Operational Technology (OT) Cybersecurity team works to protect the systems that can have significant impacts on life, safety, and transportation operations.

Summary of Job:

This role is responsible for overseeing concurrent cybersecurity projects, managing their resources and stakeholders, and driving them to completion. The Cybersecurity Manager is responsible for managing and developing staff, technology, and processes to reduce risk with the evolved cyber threat landscape and changing technology portfolio. The ideal candidate will have expertise in managing complex problems, highly skilled staff, contracts, and tasks associated with risk management.

Responsibilities

Planning

• Manage and plan the future technical architecture, providing insight into the future of their area of technology to continually improve effectiveness and efficiency.

• Manage and plan the development of roadmaps related to their area(s) of expertise to manage and meet identified technology needs.

• Manage and plan the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of MTA and constituent agencies.

  Architecture

• Oversees architectural direction for domains under management to meet senior management and cybersecurity goals.

• Understand, review, and approve Cybersecurity Reference Architectures and Solutions for applying them.

  Contracts/Vendor Management

• Contribute and own technical elements of RFPs and RFIs and negotiate with vendors on technical issues to ensure results are delivered in line with user and organization requirements.

• Manages contracts and expenses to ensure SLAs and contract renewals are processed timely.

• Provide contract management support to ensure vendor deliverables are met.

• Manage and lead major projects and assigned service providers with technical expertise to address mission critical issues, evaluates ongoing vendor service level and enforces SLAs and penalties.

  Documentation

• Develop and maintain detailed and updated documentation is in place for cybersecurity systems and user processes .

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.

  Guidance, Communications and Training Support

• Provides technical guidance to project managers and senior leadership on cybersecurity and technology strategies.

• Ensure quality and review of new systems and manage cybersecurity risks and remediation system testing, baseline, and best practices.

  Research & Analysis

• Validates and maintains incident response plans and processes to address potential threats.

• Compiles and analyzes data for management reporting and metrics.

  Qualifications:

  Education and experience:

• Education: Bachelor’s Degree or related fields or equivalent experience. An equivalent combination of education and experience may be considered in lieu of degree.

• Experience: A minimum of 5 plus years of relevant experience. Leadership ability.

  Knowledge & Skills:

  Leadership Skills

• 2+ years of experience in Leadership/Management role.

• Experienced in delivering to deadlines.

• Experienced in managing and training people/teams.

• Experienced in public speaking and leading meetings.

• Strong work ethic and the ability to handle multiple priorities.

• Experienced in managing vendor relationships.

• Experienced in financial budgeting/planning.

  Preferred Qualifications:

• Cybersecurity General Certification (CISSP, CISM, CISA, CRISC, etc.)

• Cybersecurity Specific Certification (OSCP, GICSP, etc.)

• Project Management Certification (PMP, etc.)

  Preferred Technical Skills:

• 5+ years of cybersecurity experience and a deep understanding of technology and cybersecurity domain principles.

• 3+ years of experience working specifically on securing OT/ICS systems.

• Proficient in Network Engineering/Architecture.

• Demonstrated ability in implementing/solutioning cybersecurity tools/systems (firewalls, IAM, SIEM, etc.)

• Experience in scripting or programming skills (PERL, Python, PowerShell, etc.).

• Proficient in productivity tools (PowerPoint, Excel, Visio, etc.).

• Experience in programming/securing PLC/HMI’s.

  Soft Skills:

• Strong Communication

• Strong Leadership

• Problem Solving

• Performs other duties and tasks

• Observing the work performed by the contractor

• Reviewing invoices and approving them if the work had contractual standards

• Addressing performance issues with the contractor when possible

• Escalating issues to other parties as needed

  Competencies:

  Core Competency

  Proficiency Level

  Competency Definition

  Collaborates

  Expert

  Building partnerships and working collaboratively with others to meet shared objectives

  Cultivates Innovation

  Expert

  Creating new and better ways for the organization to be successful

  Customer Focus

  Expert

  Building strong customer relationships and delivering customer-centric solutions

  Communicates Effectively

  Expert

  Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences

  Tech Savvy

  Expert

  Anticipating and adopting innovations in business-building digital

  and technology applications

  Technical Skills

  Expert

  Specialized knowledge and expertise on tools, programs, domains, platforms, and products used for specific tasks

  Values Diversity

  Expert

  Recognizing the value that different perspectives and cultures bring to an organization

  GENERAL:

• May need to work outside of normal work hours (i.e., evenings and weekends)

• Travel may be required to other MTA locations or other external sites

  Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the “Commission”).

MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.