Lead Cyber Watch Ops Analyst - 90402954 - Amtrak jobs in United States

Amtrak · 1 day ago


Amtrak connects businesses and communities across the country, prioritizing the safety of passengers and employees. The Cyber Watch Operations Analyst is responsible for supporting the day-to-day operations of the Cyber Threat Command Center, focusing on cybersecurity incident management and threat analysis to protect the organization's systems and data.

Industries: Service Industry, Software, Tourism, Travel
Comp. & Benefits: listed below
H1B sponsorship: likely (see H1B Sponsorship section below)

Responsibilities

Ability to work under pressure, prioritize tasks, and meet deadlines in a fast-paced environment
Ability to think critically and to reason like a threat actor
Strong analytical and problem-solving skills, with the ability to assess complex situations and make informed decisions
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
Ability to apply techniques for detecting host- and network-based intrusions using intrusion detection technologies
Ability to interpret the information collected by security tools
Knowledge of attack vectors, threat tactics, and attacker techniques
Preferred: effective communication and interpersonal skills, the ability to work well in an integrated team environment, and self-motivation
Preferred (not required): familiarity with Operational Technology (OT), Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems
Deliver security solutions for activity-based assignments, executing and resolving problems within the assigned area
Monitor cybersecurity anomalies; investigate, resolve and escalate cybersecurity events, incidents and problems
Hunt for potential vulnerabilities, exploits or zero-days using user behavior analytics, endpoint threat detection, network behavior analytics, automated analysis-engine alarms and managed security service reports
Review firewall, IDS/IPS, web content filtering, NetFlow device and antivirus logs
Lead administration of cybersecurity tools (SIEM, EDR, CASB, etc.)
Lead periodic checks for company policy violations and support investigations of policy violations
Lead cybersecurity audits and inspect security logs to uncover possible security violations
Generate, gather and track security metrics, develop scorecards for those metrics and communicate the results; support and participate in formal reporting on cybersecurity operations
Monitor security events and develop cybersecurity controls across the enterprise
Lead security support for application and infrastructure projects
Lead application security risk assessments for new or updated internal or third-party applications
Conduct quality test activities and validate test completeness in preparation for go-live
Respond to and resolve problems, security incidents and forensic investigations
Investigate, resolve and escalate problems; monitor and analyze metrics to ensure customer satisfaction and vendor performance
Lead vulnerability and risk analysis using commercial tools or custom scripts, documenting the gaps found

Qualification

Cybersecurity incident management, Cyber threat analysis, SIEM, EDR, CASB, Vulnerability management, Professional security certifications, Operational Technology knowledge, Analytical skills, Communication skills, Interpersonal skills, Problem-solving skills

Required

Bachelor's degree in Computer Science, Information Systems, or a related field plus 6+ years of relevant experience, or 9+ years of relevant work experience in lieu of a degree
Professional security-related certifications (e.g. Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), etc.)
Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated
Strong analytical skills
Experience with SIEM, EDR, CASB, IDS/IPS, AV, DLP, UEBA, firewall and similar security technologies
Experience performing vulnerability management assessments
Experience working in a Cyber Security Operations (or SOC) as an analyst

Preferred

Master's degree in Information Technology, Cyber Security, or equivalent
Experience with scripting languages
8+ years of experience in a cybersecurity specialization (compliance, information security program management, continuous monitoring, vulnerability assessment)

Benefits

Health, dental, and vision plans
Health savings accounts
Wellness programs
Flexible spending accounts
401K retirement plan with employer match
Life insurance
Short and long term disability insurance
Paid time off
Back-up care
Adoption assistance
Surrogacy assistance
Reimbursement of education expenses
Public Service Loan Forgiveness eligibility
Railroad Retirement sickness and retirement benefits
Rail pass privileges

Company

Amtrak is a provider of intercity passenger rail services across the country, connecting major cities and regions.

H1B Sponsorship

Amtrak has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. The information below is provided for reference (data powered by the US Department of Labor).
[Chart: distribution of job fields receiving sponsorship; the highlighted field is the one most similar to this job]
Trends of total sponsorships by year:
2025: 57
2024: 40
2023: 50
2022: 52
2021: 42
2020: 34

Funding

Current Stage
Late Stage
Total Funding
$125.7M
Key Investors
Federal Railroad Administration, U.S. Department of Transportation
2024-09-03 · Grant · $63.9M
2023-09-25 · Grant · $8.8M
2022-08-18 · Grant · $45M

Leadership Team

John McSorley
Director of Critical Infrastructure Protection
Company data provided by crunchbase