Manager Cybersecurity OT Infrastructure & Safety Job ID: 8035Business Unit: MTA HeadquartersLocation: New York, NY, United StatesRegular/Temporary: RegularDepartment: IT CISODate Posted: Jul 8, 2024Description JOB TITLE: Manager Cybersecurity OT Infrastructure & SafetySALARY RANGE: $156,275 - $184,456 HAY POINTS: 805DEPT/DIV: Information Technology / CybersecuritySUPERVISOR: Cybersecurity Director, IT Cyber SecurityLOCATION: Various/ 2 Broadway New York, NY 10004HOURS OF WORK: 9:00 am - 5:30 pm (7.5 hours or as required) This position is eligible for telework which is currently two day per week. New hires are eligible to apply 30 days after their effective date of hire. About us: The MTA transportation network has very large systems and infrastructure for financial, business, automated train, transportation, power, and physical security. The MTA IT Department is centrally responsible for providing a full range of Information and Operational Technology services to the MTA agencies and administrative units through its operating and support units. MTA IT Cybersecurity is responsible for protecting the organization’s users, corporate and critical infrastructure systems. Leveraging industry best practices and regulatory guidance, the team manages a host of tools and programs focused on reducing cyber risk to the MTA. The Operational Technology (OT) Cybersecurity team works to protect the systems that can have significant impacts on life, safety, and transportation operations. Summary of Job: This role is responsible for overseeing concurrent cybersecurity projects, managing their resources and stakeholders, and driving them to completion. The Cybersecurity Manager is responsible for managing and developing staff, technology, and processes to reduce risk with the evolved cyber threat landscape and changing technology portfolio. The ideal candidate will have expertise in managing complex problems, highly skilled staff, contracts, and tasks associated with risk management. Responsibilities Planning
Manage and plan the future technical architecture, providing insight into the future of their area of technology to continually improve effectiveness and efficiency.
Manage and plan the development of roadmaps related to their area(s) of expertise to manage and meet identified technology needs.
Manage and plan the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of MTA and constituent agencies.
Architecture
Oversees architectural direction for domains under management to meet senior management and cybersecurity goals.
Understand, review, and approve Cybersecurity Reference Architectures and Solutions for applying them.
Contracts/Vendor Management
Contribute and own technical elements of RFPs and RFIs and negotiate with vendors on technical issues to ensure results are delivered in line with user and organization requirements.
Manages contracts and expenses to ensure SLAs and contract renewals are processed timely.
Provide contract management support to ensure vendor deliverables are met.
Manage and lead major projects and assigned service providers with technical expertise to address mission critical issues, evaluates ongoing vendor service level and enforces SLAs and penalties.
Documentation
Develop and maintain detailed and updated documentation is in place for cybersecurity systems and user processes .
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.
Guidance, Communications and Training Support
Provides technical guidance to project managers and senior leadership on cybersecurity and technology strategies.
Ensure quality and review of new systems and manage cybersecurity risks and remediation system testing, baseline, and best practices.
Research & Analysis
Validates and maintains incident response plans and processes to address potential threats.
Compiles and analyzes data for management reporting and metrics.
Qualifications:
Education and experience:
Education: Bachelor’s Degree or related fields or equivalent experience. An equivalent combination of education and experience may be considered in lieu of degree.
Experience: A minimum of 5 plus years of relevant experience. Leadership ability.
Knowledge & Skills:
Leadership Skills
2+ years of experience in Leadership/Management role.
Experienced in delivering to deadlines.
Experienced in managing and training people/teams.
Experienced in public speaking and leading meetings.
Strong work ethic and the ability to handle multiple priorities.
Experienced in managing vendor relationships.
Experienced in financial budgeting/planning.
Preferred Qualifications:
Cybersecurity General Certification (CISSP, CISM, CISA, CRISC, etc.)
Cybersecurity Specific Certification (OSCP, GICSP, etc.)
Project Management Certification (PMP, etc.)
Preferred Technical Skills:
5+ years of cybersecurity experience and a deep understanding of technology and cybersecurity domain principles.
3+ years of experience working specifically on securing OT/ICS systems.
Proficient in Network Engineering/Architecture.
Demonstrated ability in implementing/solutioning cybersecurity tools/systems (firewalls, IAM, SIEM, etc.)
Experience in scripting or programming skills (PERL, Python, PowerShell, etc.).
Proficient in productivity tools (PowerPoint, Excel, Visio, etc.).
Experience in programming/securing PLC/HMI’s.
Soft Skills:
Strong Communication
Strong Leadership
Problem Solving
Performs other duties and tasks
Observing the work performed by the contractor
Reviewing invoices and approving them if the work had contractual standards
Addressing performance issues with the contractor when possible
Escalating issues to other parties as needed
Competencies:
Core Competency
Proficiency Level
Competency Definition
Collaborates
Expert
Building partnerships and working collaboratively with others to meet shared objectives
Cultivates Innovation
Expert
Creating new and better ways for the organization to be successful
Customer Focus
Expert
Building strong customer relationships and delivering customer-centric solutions
Communicates Effectively
Expert
Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
Tech Savvy
Expert
Anticipating and adopting innovations in business-building digital
and technology applications
Technical Skills
Expert
Specialized knowledge and expertise on tools, programs, domains, platforms, and products used for specific tasks
Values Diversity
Expert
Recognizing the value that different perspectives and cultures bring to an organization
GENERAL:
May need to work outside of normal work hours (i.e., evenings and weekends)
Travel may be required to other MTA locations or other external sites
Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the “Commission”).
MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities. The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.
