Director of Cybersecurity Assessments - 90400986 - Washington D.C. jobs in United States
cer-icon
Apply on Employer Site
company-logo

Amtrak · 19 hours ago

Director of Cybersecurity Assessments - 90400986 - Washington D.C.

positionWashington, DC
timeFull-time
remoteOnsite
seniorityDirector/Executive
money$179K/yr - $232K/yr
date10+ years exp

Amtrak is a leading transportation company that connects businesses and communities across the United States. They are seeking a Director of Cybersecurity Assessments to oversee enterprise cybersecurity assessments for both IT and OT networks, ensuring comprehensive protection against cyber threats and aligning measures with industry standards. The role involves managing a team, conducting risk assessments, and developing policies to safeguard Amtrak's operational and business systems.

Service IndustrySoftwareTourismTravel
check
Comp. & Benefits
check
H1B Sponsor Likelynote

Responsibilities

Oversees enterprise penetration testing and cyber assessments against both IT and OT systems, using industry standard tools and in compliance with NIST SP 800-53, IEC 62443-2-1, and PCI DSS
Conducts risk assessments following NIST SP 800-30, tailored for both IT and OT contexts, to prioritize findings and vulnerabilities based on potential impact to operations and safety
Develops and implements remediation plans, ensuring OT-specific considerations like maintaining operational continuity while findings are addressed
Crafts policies that address security in both IT and OT, in compliance with NIST 800-53 and IEC 62443-2-3
Directs a team that includes both IT and OT security specialists, promoting collaboration and knowledge sharing
Ensures adherence to regulatory standards, manages audits, and reports on key findings to executive leadership
Coordinates with IT and OT incident response teams to manage vulnerabilities that could lead to security incidents, leveraging frameworks like NIST SP 800-61
Assigns or serves as cybersecurity SME in support of Amtrak projects

Qualification

Cybersecurity frameworksPenetration testingRisk assessmentIncident responseLeadershipOperating systemsIndustrial control systemsScripting for automationCommunicationInterpersonal skillsCollaborationProblem-solvingAdaptability

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or an equivalent combination of training, education, and relevant experience
10 plus years of experience in cybersecurity, with at least 4 years specifically in penetration testing across IT and OT
In-depth knowledge of cybersecurity frameworks such as NIST, ISO/IEC 27001, IEC 62443, and PCI DSS
Experience with penetration testing tools tailored for both IT and OT environments
Proficiency in operating systems including Windows and Linux
Strong understanding of IT and OT networking and associated protocols
Familiarity with industrial control systems (ICS) and their security implications
Excellent verbal and written communication skills to explain complex security concepts to diverse audiences, including non-technical personnel and executive management
Ability to draft comprehensive reports and deliver presentations
Strong leadership capabilities, fostering an environment of trust and cooperation between IT and OT teams
Effective in conflict resolution and team motivation
Adept at collaborating with various internal teams (IT, OT, engineering) and external vendors or auditors
Strategic thinker capable of identifying systemic vulnerabilities and proposing effective solutions across IT and OT domains
Quick to adapt to evolving threats, technologies, and standards in both IT and OT security landscapes

Preferred

Master's degree in Cybersecurity, Information Assurance, or a related field
Certifications such as CISSP, GICSP, or CSSLP
Demonstrated experience in managing security for SCADA systems, PLCs, or other OT environments
Familiarity with scripting for automation (Python, PowerShell) in both IT and OT contexts
Proven leadership in cross-functional, multi-disciplinary teams

Benefits

Health, dental, and vision plans
Health savings accounts
Wellness programs
Flexible spending accounts
401K retirement plan with employer match
Life insurance
Short and long term disability insurance
Paid time off
Back-up care
Adoption assistance
Surrogacy assistance
Reimbursement of education expenses
Public Service Loan Forgiveness eligibility
Railroad Retirement sickness and retirement benefits
Rail pass privileges

Company

Amtrak

twittertwittertwitter
Glassdoor3.6
company-logo
Amtrak is a provider of intercity passenger rail services across the country, connecting major cities and regions.
dateFounded in 1971
location
Washington, District of Columbia, USA
people-size10001+ employees
web-link
https://www.amtrak.com/

H1B Sponsorship

Amtrak has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (57)
2024 (40)
2023 (50)
2022 (52)
2021 (42)
2020 (34)

Funding

Current Stage
Late Stage
Total Funding
$125.7M
Key Investors
Federal Railroad AdministrationU.S. Department of Transportation
2024-09-03Grant· $63.9M
2023-09-25Grant· $8.8M
2022-08-18Grant· $45M

Leadership Team

leader-logo
John McSorley
Director of Critical Infrastructure Protection
linkedin

Recent News

WebProNews
Amtrak Sets Record with 34.5M Riders, $2.7B Revenue in 2025
2026-01-05
bloomberglaw.com
Amtrak Wins Reversal of $44 Million Award in Random Attack Case
2026-01-03
Business Insider
Amtrak is booming: Why more Americans are taking its trains than ever before
2026-01-03
Company data provided by crunchbase