Apply on Employer Site

Sound Transit · 2 weeks ago

Manager - Information Security Engineering

Seattle, WA

Full-time

Hybrid

Mid, Senior Level

$104K/yr - $206K/yr

5+ years exp

Sound Transit is seeking a Manager for Information Security Engineering to oversee essential security functions including tool management and compliance with agency standards. The role involves leading a team, supporting security architecture, and managing risks associated with technology solutions.

Public TransportationRailroadTransportation

Work & Life Balance

Responsibilities

Acts as Service Owner for related Information Security Engineering services of the Information Security business unit

Support Information Security Architecture and Security Operations services

Manages personal for the Information Security Engineering components of the Information Security Division

Provides guidance to the technical professionals that comprise the Security Engineering functions of the Information Security Division

Participates in the overall implementation of the agency’s information security program, under the direction of the Chief Information Security Officer (or delegate), where appropriate

Participates in the creation of information security governance documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Chief Information Security Officer (or delegate), where appropriate

Identifies and assesses technology-related risks to information security associated with prospective technology solutions; and recommends appropriate mitigating controls

Influences the design of any prospective technology solution for adherence to documented agency standards, policies, and regulatory responsibilities

Evaluates, implements, and supports security-focused tools and services required to support information security controls

Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation and sustainment of systems and services within the agency

Consults with internal customers on risk assessment, threat modeling and mitigation of vulnerabilities

Conducts security assessments, evaluates controls, and provide feedback to management and system owners on the design and effectiveness of control processes

Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats

Participates in ongoing information security education, awareness, and outreach activities

Participate with information security incident investigation and response efforts, leading as needed

Participate with computer and network forensic investigations in support of incident response activities

Prepares regular reports on relevant metrics for different stakeholders

Coaches, manages, mentors, and develops staff

Focuses on keeping professional skills current

Keeps up to date on latest information security threats and countermeasures

Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency

Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit’s Equity & Inclusion Policy

It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees

It is the responsibility of all employees to integrate sustainability into everyday business practices

Other duties as assigned

Qualification

Information Security EngineeringSecurity ArchitectureSecurity OperationsCISSP CertificationITIL CertificationCISM CertificationCloud ComputingNIST StandardsSecurity ToolsWorkload PrioritizationSelf-OrganizationTeam LeadershipCommunication SkillsProject Management

Required

Bachelor's degree in Computer Science, Information Technology, Business Administration, Engineering, or closely related field

Five years of information technology experience with a focus on security engineering and operations, OR an equivalent combination of education and experience

Three years of leadership, budgetary, planning and workforce management experience

Certified Information Systems Security Professional (CISSP), or obtain within 12 months of hire

Strong command of ITIL core processes and principles

Strong command and experience with information security architecture and engineering principles

General knowledge of the NIST 800 series standards, PCI DSS standard, and the ISO 27001/2 frameworks

Demonstrated work experience in a few of the following areas: Information Security, Security Architecture, Security Engineering, Security Operations and implementing best practices, tools and technology

Strong understanding of information technology and security controls

Strong understanding of and experience with security-related technologies, systems, and tools

Proven competency in the use of MS Office applications (Microsoft Project, Word, Excel, PowerPoint, and SharePoint)

Strong team leadership and communicational (verbal/written) skills

Ability to work in highly collaborative environments

Strong workload prioritization and self-organization skills

Strong project management skills

Preferred

Certified Information Security Manager (CISM)

Information Technology Infrastructure Library (ITIL)

Certified Ethical Hacker (CEH)

Certified Cyber Forensics Professional (CCFP)

GIAC Certified Incident Handler (GCIH)

Understanding of Cloud Computing environments (Microsoft Azure preferred)

Benefits

Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner.

Long-Term Disability and Life Insurance.

Employee Assistance Program.

Retirement Plans: 401a – 10% of employee contribution with a 12% match by Sound Transit; 457b – up to IRS maximum (employee only contribution).

Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year.

Parental Leave: 12 weeks of parental leave for new parents.

Pet Insurance discount.

ORCA Card: All full-time employees will receive an ORCA card at no cost.

Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses.

Inclusive Reproductive Health Support Services.