Easter Seals Jobs

Manager, Cybersecurity Cloud Security

Job ID: 8110

Business Unit: MTA Headquarters

Location: New York, NY, United States

Regular/Temporary: Regular

Department: IT CISO

Date Posted: Jul 16, 2024

Description

JOB TITLE: Manager, Cybersecurity Cloud Security

SALARY RANGE: $156,275 - $184,456

HAY POINTS: 805

DEPT/DIV: Information Technology / Cybersecurity

SUPERVISOR: Cybersecurity Director

LOCATION: Various/ 2 Broadway New York, NY 10004

HOURS OF WORK: 9:00 am - 5:30 pm (7.5 hours or as required)

This position is eligible for telework which is currently two day per week. New hires are eligible to apply 30 days after their effective date of hire.

About Us

The MTA transportation network has very large systems and infrastructure for financial, business, automated train, transportation, power, and physical security. The MTA IT Department is centrally responsible for providing a full range of Information and Operational Technology, and cybersecurity services to the MTA agencies and administrative units through its operating and support units.

MTA Cybersecurity is empowered, multi-functional teams focused on the protection of MTA’s assets from both internal and external cybersecurity threats which can affect both safety of employees and customers, system integrity, and availability of operations.

The purpose of this position is to provide technical leadership and management of MTA’s cyber security program in one or more technical domains as well as maintain secure environments for information systems to support MTA goals and priorities.

As part of managing the program, this role will require expertise in managing a complex program with highly skilled staff, contracts, and processes associated with risk management that are essential to maintaining electronic and physical safety for MTA’s business in all areas that utilize technology (Corporate, Customer Facing and Informational, Fare Payment/PCI, Operational Technologies, 3rd Party Managed, Vendors, etc.).

The Cybersecurity Manager will be responsible for managing and developing staff, technology, and processes to reduce risk with the evolved cyber threat landscape and changing technology portfolio. This position works across multiple technology and cybersecurity domains to ensure cybersecurity is looked at holistically from user, data and component, and systems perspectives.

The position also considers all risk assessments, data driven analytics, and actively seeks to develop and maintain standards, reference architectures, and reduce risk of the MTA through emerging technologies and trends in the industry.

Summary of Job

This position is responsible for continuously evaluating and partnering with the business and MTA IT disciplines to secure MTA’s Cloud Computing Environments. With the increase in the adoption of cloud technologies within MTA. The role will ensure that cloud solutions; Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) currently in use are continuously evaluated and monitored for cybersecurity risks and have appropriate security controls. The manager will assist in administering a comprehensive cloud security program that covers these applications, middleware, and infrastructure environments. Specific expertise and skillset in the domain of Cloud Security are required to improve MTA Cybersecurity delivery and accommodate the strategic shift to cloud resources. Managing the security of MTA cloud resources and the constant need for oversight is extremely important to ensure secure environments through Cloud-Native Application Protection Platform (CNAPP), Cloud Access Service Broker, Cloud Workload Protection Platform (CWPP), Cloud Security Posture Management (CSPM) and various configuration profiles of the SaaS Applications, Rapid Application Development Platforms, and Cloud Infrastructure environments.

The candidate we are seeking needs to have up-to-date cloud security skills in securing data and SaaS applications and a broad expertise and knowledge in various technologies and design principles such as Zero-trust architecture to collaborate with cross-functional teams, the ability to deliver security services, to mature and develop processes and governance.

This role will ensure that resources are available and managed appropriately for timely delivery to various departments to minimize operational and business impact.

Responsibilities

• Develop strategies to ensure cloud resources are protected and continuously assessments in various cloud environments (Azure, AWS, GCP, OCI.)

• Secure Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) platforms.

• Secure Software as a Service (SaaS)applications and interfaces.

• Implement or assess existing cloud security controls.

• Assess multi-cloud role-based access controls, logging, and configuration baselines to ensure appropriate security posture.

• Develop and maintain strategy to manage System to System authenticated connections and review the risk and

• Collaborate with various stakeholders to evaluate client needs, coordinate design for a solution, and communicate cybersecurity requirements.

• Automate (where possible) security hardening tasks to ensure gaps are identified and addressed quickly with the organization’s standards.

• Develop KPI and reporting to manage cloud projects, security initiatives, security risks, and remediations.

• Help establishes a strategic security architecture vision, including standards and frameworks for the organization.

• Review and analysis of security logs from a wide variety of sources for risk and issues while providing input to Security Operation Center (SOC) for monitoring and remediation.

• Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.

• Participate in the development of the security roadmap and communicate the cybersecurity vision to senior management and technical departments.

• Work with relevant Business stakeholders, IT Product, IT Infrastructure, Cybersecurity, and Vendors to ensure that security controls are implemented at all significant layers, test those controls, and perform gap analysis to find areas of improvement.

• Perform security architecture design reviews of enterprise applications hosted on the cloud and provide cybersecurity recommendations and standards to secure architecture.

• Provide input and guidance to Application Programming Interface (API) Security and monitoring

• Develop and coordinate DevSecOps security tools and monitoring in collaboration with Application Security and Product Engineering teams to ensure cybersecurity is properly enforced through processes

• Work with Product and infrastructure teams to help prioritize and validate urgency of mitigation of identified vulnerabilities and security events.

• Configure, manage, and use security systems, security monitoring and alerting applications, and security management tools.

  Qualifications:

  Required Qualifications:

• Education: Bachelor’s Degree or related fields or equivalent experience. An equivalent combination of education and experience may be considered in lieu of degree.

• Experience: A minimum of 5 plus years of relevant experience. Leadership ability​.

• Demonstrated ability to inspire, motivate, and empower people to achieve organizational goals.

• Collaboration skills to ensure design specifications are seamlessly implemented by the development team.

  Knowledge & Skills:

• Cloud Security Expertise: Deep understanding of cloud platforms (e.g., AWS, Azure, Google Cloud, Oracle Cloud Infrastructure, etc.) and their security features.

• Experience and understanding and securing SaaS applications (i.e., Salesforce, Dynamics, Office 365, Slack, etc.)

• Knowledge of cloud-specific threats and vulnerabilities.

• Experience with cloud security tools and services.

• Cybersecurity Knowledge: A strong foundation in general cybersecurity principles and practices.

• Awareness of current cybersecurity threats and trends.

• Risk Assessment and Management: Ability to assess security risks in cloud environments.

• Proficiency in risk mitigation strategies and risk management processes.

• Compliance and Regulations: Knowledge of relevant compliance frameworks (e.g., GDPR, HIPAA, PCI DSS).

• Experience in ensuring cloud infrastructure complies with industry and regulatory standards.

• Identity and Access Management (IAM): Skill in evaluation, designing, managing and securing user identities, roles, and permissions in the cloud.

• Proficiency in implementing multi-factor authentication (MFA) and least privilege access.

• Encryption and Data Protection: Expertise in data encryption techniques and key management.

• Capability to protect sensitive data stored in the cloud.

• Incident Response and Forensics: Ability to develop and implement incident response plans for cloud-related security incidents.

• Knowledge of digital forensics to investigate security breaches.

• Security Architecture: Skill in designing and implementing secure cloud architectures.

• Understanding of secure network configurations and segmentation.

• Security Monitoring and SIEM: Experience with Security Information and Event Management (SIEM) tools.

• Proficiency in continuous monitoring of cloud environments for threats and vulnerabilities.

• Cloud-specific Security Tools: Familiarity with cloud-native security tools and services (e.g., AWS Security Hub, Azure Security Center).

• Communication and Leadership: Strong communication skills to convey security requirements and risks to non-technical stakeholders.

• Leadership abilities to guide teams and influence security decisions.

• Vendor Management: Ability to assess and manage the security practices of third-party cloud service providers.

• Continuous Learning: Willingness to stay updated on cloud security best practices and emerging threats.

• Pursuit of relevant certifications (e.g., Certified Cloud Security Professional, AWS Certified Security).

• Collaboration: Skill in collaborating with IT teams, developers, and other departments to integrate security into cloud initiatives.

• Problem-Solving: Effective problem-solving skills to address complex cloud security challenges.

• Business Acumen: Understanding of how cloud security aligns with organizational goals and the ability to make security decisions in a business context.

• Adaptability: Flexibility to adapt to evolving cloud technologies and security threats.

• Preferred Qualifications:

• CISSP, CCSP, CISM, or other advanced security-related certification preferred

• Certifications in technology subdomains preferred (i.e., Cloud, Applications, Cloud Security, Infrastructure, as a Service Security, DevOps, Cybersecurity Technology, etc.).

  Preferred Technical Skills:

• Knowledge of Cloud-Native Application Platform to ensure security and compliance needed to protect cloud-native applications.

• Experience in Project Management Principles (Waterfall and Agile) preferred.

• Cloud Computing (Thorough Knowledge/Fully Proficient)

  Soft Skills:

• Active Listening, Attention to Detail, Customer Service,

• Prioritization, Problem Solving, Effective Verbal and Written Communication

• Performs other duties and tasks

• Observing the work performed by the contractor

• Reviewing invoices and approving them if the work had contractual standards

• Addressing performance issues with the contractor when possible

• Escalating issues to other parties as needed

  Competencies:

  Core Competency

  Proficiency Level

  Competency Definition

  Collaborates

  Expert

  Building partnerships and working collaboratively with others to meet shared objectives

  Cultivates Innovation

  Expert

  Creating new and better ways for the organization to be successful

  Customer Focus

  Expert

  Building strong customer relationships and delivering customer-centric solutions

  Communicates Effectively

  Expert

  Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences

  Tech Savvy

  Expert

  Anticipating and adopting innovations in business-building digital

  and technology applications

  Technical Skills

  Expert

  Specialized knowledge and expertise on tools, programs, domains, platforms, and products used for specific tasks

  Values Diversity

  Expert

  Recognizing the value that different perspectives and cultures bring to an organization

  GENERAL:

• May need to work outside of normal work hours (i.e., evenings and weekends)

• Travel may be required to other MTA locations or other external sites

  Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the “Commission”). MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.