Sound Transit · 8 hours ago
Cybersecurity Engineer (Term-Limited Appointment)
Sound Transit is a transportation agency dedicated to providing public transit solutions. They are seeking a Cybersecurity Engineer to evaluate, design, and implement security solutions while ensuring compliance with internal policies and regulatory frameworks.
Public Transportation, Railroad, Transportation
Responsibilities
Identifies and assesses technology-related risks to information security associated with current and prospective technology solutions; and recommends appropriate mitigating controls
Evaluates any prospective technology solution and system for adherence to documented agency standards, policies, and regulatory responsibilities
Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation, operation, and maintenance of systems and services within the agency
Performs vulnerability assessments and penetration tests of information systems
Assesses and classifies any identified system vulnerabilities in accordance with pre-defined risk criteria; advises and consults with internal customers on risk assessment, threat modeling, and mitigation of vulnerabilities
Participates in incident response activities; conducts computer and network forensic investigations in support of incident response activities; performs root-cause analysis when incidents occur and prepares incident reports
Evaluates, implements, and supports security-focused tools and services required to support information security controls
Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats
Interacts with penetration testers and other external vendors as needed
Keeps up to date on latest information security trends, “best practices”, threats, and countermeasures
Reviews log-based data, both in raw form and utilizing SIEM or aggregation tools
Operates and maintains technologies, systems, and applications used to support security controls and activities
Assists in promoting a culture of information security at Sound Transit
Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency
Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit’s Equity & Inclusion Policy
It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees
It is the responsibility of all employees to integrate sustainability into everyday business practices
Other duties as assigned
Qualifications
Required
Bachelor's degree in Computer Science, Information Technology, Business Management Information Systems or related field
Five years of verifiable information systems security (or cyber security) experience
Or an equivalent combination of education and experience
Certified Information Systems Security Professional (CISSP), or ability to obtain certification within 12 months of employment
Experience with the application of threat modeling or other risk identification techniques
Working understanding of Operating System architecture as it relates to the functions of the following components: OS kernel, OS kernel modules and device drivers, memory management, inter-process communication, security subsystem, user account rights, user group rights, system logs, I/O functions, network services, file-system permissions, and application interaction with the Operating System
Strong understanding of Microsoft OS (Server and Workstation) and Linux OS products. macOS is strongly desirable
Technical skills proficiency in the following areas: security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols), system administration, malware (propagation, infection, types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open source information collection platforms), cryptography, Microsoft Active Directory, and Microsoft cloud technologies (Azure, M365, Entra)
Deep knowledge of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment, and security metrics
Strong understanding of internet-facing web applications
Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and cryptography
Good knowledge of information security incident handling and investigation procedures
Demonstrated skills in conducting forensic analysis of digital evidence, network traffic, managing event analysis/correlation, and related incident investigations
In-depth knowledge of security software threats and vulnerability mitigation techniques
Strong understanding of cloud platforms (Azure, AWS)
Working knowledge of risk-based methodologies and one or more of the following frameworks: ISO 27001/2:2022, PCI-DSS, or NIST 800-53
Ability to self-organize and manage workload and activities
Principles of business letter writing and basic report preparation
English usage, spelling, grammar, and punctuation
Modern office procedures, methods, and equipment including computers and computer applications such as word processing, spreadsheets, and statistical databases
Preferred
CEH, CCFP, GCIH (or other GIAC), CCSP, CSA or others that are considered field relevant
Scripting skills (e.g., PowerShell)
Establishing and maintaining effective working relationships with other department staff, management, vendors, and other stakeholders
Documenting and explaining risks, recommendations, and incident data to technical and non-technical stakeholders
Interpreting information security policies, standards, and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies
Generating metrics and preparing reports to facilitate decision-making on security-related activities
Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports
Writing of technical documentation and standards
Responding to inquiries and communicating effectively, both orally and in writing
Candidate should have excellent time management skills including the ability to prepare, prioritize, and complete work plans
Ability to work effectively and organize priorities independently
Results oriented, highly organized, proactive, and self-motivated
Working effectively under pressure, meeting deadlines, and adjusting to changing priorities
Benefits
Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner.
Long-Term Disability and Life Insurance.
Employee Assistance Program.
Retirement Plans: 401a – 10% of employee contribution with a 12% match by Sound Transit; 457b – up to IRS maximum (employee only contribution).
Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year.
Parental Leave: 12 weeks of parental leave for new parents.
Pet Insurance.
ORCA Card: All full-time employees will receive an ORCA card at no cost.
Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses.
Company
Sound Transit
Sound Transit is a public transit agency serving the Seattle metropolitan area.
Funding
Current Stage
Late Stage