• Find preferred job with Jobstinger
  • ID
    #46081066
  • Job type
    Permanent
  • Salary
    TBD
  • Source
    MTA New York City Transit
  • Date
    2022-09-28
  • Deadline
    2022-11-26

Vacancy expired!

Job Information

Job Title: SCADA/ICS Security Specialist (Operations Technology) - Levels 2-5

Salary Range: Level 2 Min: $66,593 Mid:$88,791

Level 3: Min: $71,729 Mid: $95,639 Level 4: Min: $75,984 Mid: $101,312 Level 5: Min: $83,321 Mid: $111,095

Level 2 - 323

Points: Level 3 - 393

Level 4 - 451

Level 5 - 551

Dept/Div: IT/ Office of Cyber Security Services

Supervisor: Director Office of IT Security ICS

Location: 2 Broadway and other locations as required

Hours of Work: 9:00 AM - 5:30 PM (7.5 hours/day) or as required

Application Deadline: Posted Until Filled

Summary

The SCADA/ICS Security Specialist (Operations Technology) is responsible for identifying risks to the critical infrastructure of the MTA to protect against cyber threats from foreign state, hackers and internal sources. This position will actively work and coordinate with Operations Technology agency staff to integrate cybersecurity tools to identify, protect, detect, respond and recover from cybersecurity events. Additionally, the person is responsible for remediating the risks to the systems. his position will also assist in supporting tests of security controls to gauge their effectiveness and collaborating with the MTA Operating departments to determine the real and active threats. This position will integrate various ICS/SCADA systems to corporate security detection and prevention systems and will develop incident response procedure in case of a breach. Knowledge of various transportation ICS/SCADA assessment technologies and standards are a must.

Responsibilities

Level 2
  • Analyze MTA Agencies Supervisory Control and Data Acquisition / Industrial Control System (SCADA/ICS) to coordinate the efforts in the preparation of and response to cyber incidents that may significantly impact the critical infrastructure of the MTA and constituent agencies.
  • Identify all agency SCADA/ICS critical infrastructure on a risk-based approach to where cyber security incident could reasonably result in a catastrophic effect on the MTA and the public.
  • Knowledge of various transportation ICS/SCADA technologies is highly desirable.
  • Analyze, manage a threat and vulnerability assessment, identify the mitigation impact of cyber security framework with associated security measures or controls on business confidentially, availability to protect MTA from unauthorized access ensuring MTA assets are protected.
  • Maintain a cybersecurity framework to provide a prioritized, flexible performance based assessment, risk mitigation and cost effective approach, including information security measures and controls to assist Industrial Control Systems and (SCADA/ICS) owners to identify, assess and manage cyber security.
  • Analyze and maintain a process to coordinate improvements to the cyber security of critical infrastructure in a collaborative process with critical infrastructure owners to determine if current cyber security requirements are sufficient given current and projected risks.
  • Develop and coordinate the MTA-IT SCADA/ICS preparedness, in a standardized coordinated approach through the agencies critical SCADA/ICS systems as directed by NYS, FRA, APTA, etc. cyber security procedures escalation, funding and resources to develop uniformity by agencies on cyber security preparedness and incident response.
  • Assist and conduct the incident response planning and implementation as well as the investigation and monitoring of security breaches, Internet/Intranet security intrusion assessment while assisting with investigative and legal matters associated with such breaches as necessary as required by NYS, APTA and Executive Order
  • Maintain on-going communication with all MTA-IT Directors, Managers, business units, agency stakeholders and security staff to provide vital input for the planning of new SCADA/ICS applications, hardware, and rolling stock in support of the MTA operating system strategy to ensure future SCADA/ICS assets are protected.
  • Candidate must be available 24/7/365.

Level 3

Same as Level 2 with the following additional responsibilities;
  • Demonstrated ability to work and partner with the stakeholders and the technical team to manage short- or long-term ICS/SCADA projects is required.
  • Analyze security and monitor data collected including event logs and asset inventory from various cybersecurity tools and support the development of OT use cases.
  • Provide and update senior management analysis of MTA Opertations Technology portfolio current risk-based methodologies for security assessments and recommend security solutions for SCADA/ICS systems.
  • Analyze, manage a threat and vulnerability assessment, identify the mitigation impact of cyber security framework with associated security measures or controls on business confidentially, availability to protect MTA from unauthorized access ensuring MTA assets are protected.

Level 4

Same as Level 3 with the following additional responsibilities:
  • Work with senior staff and SCADA/ICS owners to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology. Maintain internal and external relationships including other related government agencies to disseminate critical SCADA/ICS information to operating agencies.

Level 5

Same as Level 4 with the following additional responsibilities:
  • Develop incident response procedure for security breaches in the transportation systems.
  • Technical knowhow to integrate various ICS/SCADA systems into the existing detection and prevention systems.
Qualifications

Level 2
  • Good troubleshooting and problem solving skills.
  • Strong technical and analytical abilities.
  • Strong oral and written communication skills.
  • Well-organized and highly motivated.
  • Knowledge of Industrial control protocols and systems
  • Must be able to move and lift up to 25 lbs. of equipment such as monitors, keyboards, CPU's, laptops, firewalls, etc.
  • Must possess a valid driver's license.

Level 3

Same as level 2 with the following additional qualifications:
  • Good leadership skills.
  • Good troubleshooting and problem-solving skills.
  • Level 4

Same as level 3 with the following additional qualifications:
  • Proficiency in risk assessment methodologies

Level 5

Same as level 4 with the following additional qualifications:
  • Strong leadership skills.
  • Strong troubleshooting and problem-solving skills.
  • Strong ability to motivate and develop personnel.
  • Represent the SCADA/ICS Manager in their absence.
  • Experience interacting with all levels of the organization.
  • Ability to lead highly technical personnel.
  • Knowledge of industry best practices.
  • Expertise in risk assessment and mitigation methodologies is preferred
Education and Experience

Level 2

A Bachelor's degree in Computer Science, Business Administration, Engineering, Finance, and Information Services (or the equivalent of education and progressive responsible experience) plus a minimum of 1 - 2 years of Information Technology or Operating Technology experience.

Knowledge and experience of a broad range of policy, standards and common risk management methodologies - for example, NIST, ISO 27001/27002, PCI/DSS, COBIT, ITIL, ISO 2000, etc

Level 3

A Bachelor's degree in Computer Science, Business Administration, Engineering, Finance, and Information Services (or the equivalent of education and progressive responsible experience) plus a minimum of 3 - 4 years of Information Technology or Operating Technology experience or two years of direct experience in ICS/SCADA risk assessments.

Knowledge and experience of a broad range of policy, standards and common risk management methodologies - for example, NIST, ISO 27001/27002, PCI/DSS, COBIT, ITIL, ISO 2000, etc.

Project Management experience is a plus

Level 4

A Bachelor's degree in Computer Science, Business Administration, Engineering, Finance, and Information Services (or the equivalent of education and progressive responsible experience) plus a minimum of 5 - 6 years of Information Technology experience or 3 years of direct experience in ICS/SCADA systems assessments.

Knowledge and experience of a broad range of policy, standards and common risk management methodologies - for example, NIST, ISO 27001/27002, PCI/DSS, COBIT, ITIL, ISO 2000, etc.

Project Management experience is a plus

IT Security Certifications (CISSP, CISA, SANS, etc.) are a plus.

Level 5

A Bachelor's degree in Computer Science, Business Administration, Engineering, Finance, and Information Services (or the equivalent of education and progressive responsible experience) plus a minimum of 7 - 8 years of Information Technology or Operating Technology experience or 4 years of direct experience in ICS/SCADA risk assessments and mitigation.

Knowledge and experience of a broad range of policy, standards and common risk management methodologies - for example, NIST, ISO 27001/27002, PCI/DSS, COBIT, ITIL, ISO 2000, etc.

Project Management experience is a plus

IT Security Certifications (CISSP, CISA, SANS, etc.) are a plus.

Other Information

As an employee of MTA Headquarters you may be required to complete an annual financial disclosure statement with the State of New York, if your position earns more than $101,379 (this figure is subject to change) per year or if the position is designated as a policy maker

How To Apply

Qualified applicants can submit an online application by clicking on the 'APPLY NOW' button from either the CAREERS page or from the JOB DESCRIPTION page.

If you have previously applied on line for other positions, enter your User Name and Password. If it is your first registration, click on the CLICK HERE TO REGISTER hyperlink and enter a User Name and Password; then click on the REGISTER button.

Equal Employment Opportunity

MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.

Vacancy expired!

Report job

Related Jobs

Jobstinger