Salary range is $80k to $175k with a midpoint of $125k. New hires typically receive between minimum and midpoint; however, we may go slightly higher based on experience, internal equity and market.
Sound Transit also offers a competitive benefits package with a wide range of offerings, including:
- Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan, all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner.
- Long-Term Disability and Life Insurance.
- Employee Assistance Program.
- Retirement Plans: 401a, 10% of employee contribution with a 12% match by Sound Transit; 457b, up to IRS maximum (employee only contribution).
- Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year.
- Parental Leave: 12 weeks of parental leave for new parents.
- Pet Insurance.
- ORCA Card: All full-time employees will receive an ORCA card at no cost.
- Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses.
- Inclusive Reproductive Health Support Services.
- Compensation Practices: We offer competitive salaries based on market rates and internal equity. In addition to compensation and benefits, you'll find that we provide work-life balance, opportunities for professional development and recognition from your colleagues.
This is a term-limited opportunity with an anticipated duration of 5 years.
GENERAL PURPOSE:
Under general direction, evaluates, designs, builds, operates and documents security solutions and technical controls; evaluates proposed projects and activities to identify information security risks and available mitigating controls; evaluates systems for compliance with internal policies and standards as well as applicable regulatory frameworks, recommending solutions to address any gaps; and provides technical expertise to multidisciplinary teams to address security considerations.
ESSENTIAL FUNCTIONS:
The following duties are a representative summary of the primary duties and responsibilities. Incumbent(s) may not be required to perform all duties listed and may be required to perform additional position-specific duties.
- Identifies and assesses technology-related risks to information security associated with current and prospective technology solutions; and recommends appropriate mitigating controls.
- Evaluates any prospective technology solution and system for adherence to documented agency standards, policies and regulatory responsibilities.
- Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation, operation and maintenance of systems and services within the agency.
- Performs vulnerability assessments and penetration tests of information systems.
- Assesses and classifies any identified system vulnerabilities in accordance with predefined risk criteria; advises and consults with internal customers on risk assessment, threat modeling and mitigation of vulnerabilities.
- Participates in incident response activities; conducts computer and network forensic investigations in support of incident response activities; performs root-cause analysis when incidents occur and prepares incident reports.
- Evaluates, implements and supports security-focused tools and services required to support information security controls.
- Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats.
- Interacts with penetration testers and other external vendors as needed.
- Keeps up to date on latest information security trends, best practices, threats and countermeasures.
- Reviews log-based data, both in raw form and utilizing SIEM or aggregation tools.
- Operates and maintains technologies, systems and applications used to support security controls and activities.
- Assists in promoting a culture of information security at Sound Transit.
- Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency.
- Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit's Equity & Inclusion Policy.
- It is the responsibility of all employees to follow the Agency safety rules, regulations and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations and/or other employees.
- It is the responsibility of all employees to integrate sustainability into everyday business practices.
- Other duties as assigned.
MINIMUM QUALIFICATIONS:
Education and Experience: Bachelor's degree in Computer Science, Information Technology, Business Management Information Systems or related field; Five years of verifiable information systems security (or cyber security) experience; Or an equivalent combination of education and experience.
Required Licenses or Certifications:
- Certified Information Systems Security Professional (CISSP) or ability to obtain certification within 12 months of employment.
Preferred Licenses or Certifications:
- CEH, CCFP, GCIH (or other GIAC), CCSP, CSA or others that are considered field-relevant.
Required Knowledge and Skills:
- Experience with the application of threat modeling or other risk identification techniques.
- Working understanding of Operating System architecture as it relates to the functions of the following components: OS kernel, OS kernel modules and device drivers, memory management, interprocess communication, security subsystem, user account rights, user group rights, system logs, I/O functions, network services, filesystem permissions and application interaction with the Operating System.
- Strong understanding of Microsoft OS (Server and Workstation) and Linux OS products. MacOS is strongly desirable.
- Technical skills proficiency in the following areas: security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols), system administration, malware (propagation, infection types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open source information collection platforms), cryptography, Microsoft Active Directory and Microsoft cloud technologies (Azure, M365, Entra).
- Deep knowledge of security operations: perimeter defense forensics incident response chain analysis risk assessment and security metrics.
- Strong understanding of internet-facing web applications.
- Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and cryptography.
- Good knowledge of information security incident handling and investigation procedures.
- Demonstrated skills in conducting forensic analysis of digital evidence network traffic managing event analysis/correlation and related incident investigations.
- In-depth knowledge of security software threats and vulnerability mitigation techniques.
- Strong understanding of cloud platforms (Azure, AWS).
- Working knowledge of risk-based methodologies and one or more of the following frameworks: ISO 27001/2:2022, PCI-DSS or NIST 800-53.
- Ability to self-organize and manage workload and activities.
- Principles of business letter writing and basic report preparation.
- English usage, spelling, grammar and punctuation.
- Modern office procedures, methods and equipment, including computers and computer applications such as word processing, spreadsheets and statistical databases.
Preferred Knowledge and Skills:
- Scripting skills (e.g. PowerShell).
- Establishing and maintaining effective working relationships with other department staff, management, vendors and other stakeholders.
- Documenting and explaining risks, recommendations and incident data to technical and non-technical stakeholders.
- Interpreting information security policies, standards and procedures sufficiently to administer, discuss, resolve and explain them to staff and other constituencies.
- Generating metrics and preparing reports to facilitate decision-making on security-related activities.
- Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports.
- Writing of technical documentation and standards.
- Responding to inquiries and in effective oral and written communication.
- Candidate should have excellent time management skills, including the ability to prepare, prioritize and complete work plans.
- Ability to work effectively and organize priorities independently.
- Results oriented, highly organized, proactive and self-motivated.
- Working effectively under pressure, meeting deadlines and adjusting to changing priorities.
Physical Demands / Work Environment:
- Work is performed in a hybrid office and field environment.
- Positions working in field may occasionally be exposed to dangerous machinery, extreme weather conditions, physical harm, hazardous chemicals and/or extreme noise.
- Position is responsible for connecting equipment to other equipment mounted above eye level; may be subject to reaching.
- Position is responsible for operating the graphic interfaces for the software applications that display large amounts of data. Numerous data elements are also conveyed in graphical format; may be subject to eye/hand coordination and vision.
- Position includes on call and weekend and night shifts to support incident response activities.
- The Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required.
Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.