Job Title: Security Specialist, Levels 3-5
Salary Range: Level 3 – Min: $74,597 Mid: $99,463.00 Max: $124,329
Level 4 – Min: $79,023 Mid: $105,364 Max: $131,705
Level 5 – Min: $86,653 Mid: $115,537.50 Max: $144,422
HAT Points: Level 3 – 393
Level 4 – 451
Level 5 – 551
Dept/Div: MTA IT/ Office of IT Cyber Security Services
Location: 2 Broadway, New York, NY 10004
Hours of Work: 8:30 AM – 5:00 PM (7.5 hours) or as required
Deadline: Open Until Filled
In order to protect our employees and continue to provide safe and reliable service to our communities, as of November 14, 2021 we are requiring all new MTA hires to be fully vaccinated against COVID-19 prior to their start date. MTA will consider exceptions for religious and medical reasons, where appropriate. “Fully vaccinated” means you must have both doses of a 2-dose vaccine and two weeks have elapsed since the second dose, or have received 1 dose of a 1-dose vaccine and two weeks have elapsed since the dose. Proof of your vaccination status in the form of a CDC vaccine card must be submitted prior to your start date.
With the heightened focus of cybersecurity across all Industries including the Transportation Sector, it is paramount for the MTA to possess the capability of preventing, detecting, responding, and mitigating cyber security breaches and incidents in a short amount of time. Securing the MTA’s employee and customer PII, financial information, enterprise network, intellectual property, transportation assets, and safeguarding public is a top priority. This job is accountable for providing both strategic and tactical support for cyber security incident response and investigation activities related to the Cyber Security Operation Center (CSOC). This position is a highly skilled technical position which requires an individual with up-to-date expert cyber security knowledge of Enterprise Networks, Applications, Endpoints, Cloud assets, and Security infrastructure. Individual should possess advance knowledge of software development, coding and scripting languages, network communications, AV/EDR, internet security systems, SIEM, Firewalls, Intrusion Protection Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Databases, computer systems, Operating systems, Programming, Active Directory, Office365, Cloud Computing, security event analysis and forensic investigation techniques. Candidate should have industry standard security information on current trends, and evolving security of vendor products utilized in enterprise security.
Utilizing this experience, this position will assist MTA Management with efficiently maintaining and contributing to the IT Threat Intelligence catalog within the MTA-IT CSOC. More specifically, this position is part of the team charged with (including but not limited to) performing digital forensic investigations, processing and contributing threat intelligence products, properly handling evidence and forensic artifacts, supporting internal and external investigative units including law enforcement, maintaining cyber incident response plans, developing effective countermeasures, and organizing and running cyber security table top exercises. This position will also operate in conjunction with the Cyber Security Monitoring team to provide cyber security threat landscape & vulnerability awareness to CSOC management with respect to current infrastructure security events, reporting, investigation monitoring, and day to day security operations.
Perform computer and network forensic examinations and investigations regarding all types of digital media including, but not limited to, computers, cameras, cell phones, flash or thumb drives, and networking devices using proprietary methodologies and cutting-edge forensic tools.
Obtain / collect malware samples during cyber forensic investigations, perform reverse engineering and decipher the underlying programing code using in house and open source tools.
Review and analyze escalated CSOC level 1 (MSSP) and 2 monitoring team (or other sources) identified cyber incidents and events
Perform IR tasks including validation artifacts, determine root cause, performing containment if needed, manage recovery by working with SMEs and Stake holders, document lessons learned and reporting to MTA Management
Develop countermeasures and security recommendations based on escalated events
Work with partners, vendors, departments, and law enforcement agencies to maintain an understanding of security threats, vulnerabilities, and exploits that could impact MTA systems, networks, and assets.
Work with IT staff, SMEs, Stake holders and other MTA business units (Agencies) to ensure awareness of security concerns, mitigation techniques and assist in following procedures or implementing controls as necessary.
Ability to utilize all associated cyber security tools and services which includes but are not limited to Spelunk, Crowd Strike EDR, Palo Alto, Scalar Proxy, AD, Intelligence Sources for security Incident investigation.
Assist and serve as backup to other staff members in supporting Cyber Security Operation Center 24x7x365
Tracking and dissemination of Threat landscape news and intelligence and ensure MTA is not impacted
Participate in on-call after hours support, nights, weekends, and holidays.
Apply before July 25, 2022 at email@example.com