Manager, Cybersecurity

As infrastructure critical to the region’s growth and prosperity, BNA is a vital asset for Middle Tennessee and serves as a gateway to Music City and beyond. According to a recent State of Tennessee study, in 2019 alone, BNA generated more than $9.9 billion in total economic impact. BNA supported more than 76,000 jobs in the region and produced more than $443 million in state, local and federal taxes. BNA receives no local tax dollars. For more information, visit flynashville.com. Follow us on Facebook: @NashvilleInternationalAirport, Twitter: @Fly_Nashville and Instagram: @FlyNashville. Learn more about BNA® Vision, our growth and expansion plan for the airport, at BNAVision.com.

  Hiring Process:

• Apply online
• Interview
• Offer
• Ten (10) year background check, including criminal history check, motor vehicle check, pre-employment drug screen, credit check, and breath alcohol test
• Onboarding

 Benefits:  

• Deferred compensation plans
• Educational Assistance
• Health, Dental, Vision, Life, Disability Insurance
• Health Screenings
• Paid Holidays
• Annual/Bereavement/Military Leave

Accepting Applications Until Filled

Job Summary: The Manager, Cybersecurity will report to the Director, IT Governance & Business Applications and is responsible for the establishment and maintenance of the Metropolitan Nashville Airport Authority's information security management program and requires in-depth understanding of data breach reporting laws, generally accepted information security principles, and related information technology security best practices. Requires familiarization with security tools, auditing and compliance practices (PCI, NIST), and Information Technology Infrastructure Library (ITIL) best practices including the selection, planning, delivery, maintenance, and overall lifecycle of IT services within the Authority. Familiarity with Cisco networking solutions. 

Starting Salary Range: $102,744- $139,788

Essential Responsibilities: 

• One of two designated Cybersecurity point of contacts and on-call 24-7-365 for Transportation Security Administration in the event of a cybersecurity incident.
• Maintains and enforces network security policies, standards, and processes to be compliant with Transportation Security Administration (TSA) cybersecurity requirements.
• Leads information security staff. Evaluates performance, provides feedback for training and development purposes. Presents ideas to upskill staff for future growth. Issues corrective action when appropriate and according to policy.
• Presents ideas to control costs in IT and other functional areas.
• Develops and maintains IT security governance structure to reduce risks in business processes, enhances information security, and complies with regulatory requirements.
• Establishes the methodology for the control, security, and integrity of data.
• Establishes, maintains and enforces network security policies, standards and processes while aligning with defined industry standards (e.g. NIST, PCI).
• Ensures that security programs comply with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
• Works with business units to identify perceived threats to the integrity, availability and confidentiality of information assets.
• Collaborates with the IT Infrastructure team to ensure alignment between the security and enterprise architectures.
• Evaluates and recommends products and procedures for sustainment of IT security infrastructure systems.
• Deploys Security Awareness Program, Computer Incident Response Plan and Disaster Recovery / Business Continuity Plans to safeguard the Authority.
• Plays a key role in end-user awareness, education and communications related to information security. Deploys methodologies to perform risk assessment, business impact analysis and security assurance to improve systems and operational security.
• Leads and oversees information security audits to identify potential threats, vulnerabilities and associative risks.
• Provides information security expertise, risk assessment and consulting for internal projects.
• Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
• Develops and periodically reviews information security metrics to ensure compliance. Assists with related risk mitigation efforts.
• Supports decision-making and planning regarding resourcing/staffing of IT-related projects and needs, internal and third party.
• Supports business case development and benefits realization plans for IT-related projects.
• Keeps abreast of emerging technology trends and their potential impact on airport operations. Assists with disseminating knowledge on emerging technology trends to IT and functional stakeholders.
• Maintains regular and on-time attendance.
• Follows all safety regulations.
• Supports MNAA's commitment to its culture and values, including Respect, Integrity, Service and Excellence (RISE).
• Performs other duties as assigned.

Knowledge, Skills, Abilities and Other Characteristics: 

• Ability to obtain a secret security clearance to attend classified briefings.
• Policy: Establishes, maintains and enforces policies, standards and processes while aligning with defined industry standards.
• Leadership: Skill in leading, taking charge, and offering opinions and direction.
• Managing Workload: Skill in organizing and prioritizing work, handling multiple responsibilities, and meeting deadlines.
• Relationship Building: Skill in establishing and maintaining effective and professional working relationships with others.
• Supervision of Personnel: Skill in supervising and managing others, including planning work, providing direction, motivating workers, and identifying the best workers for the job.
• Teamwork: Skill in working with others as a team while taking responsibility for outcomes.
• Presenting: Skill in developing and delivering presentations, both oral and written to groups of varying size.
• Reporting: Skill in preparing and producing timely and accurate oral and written reports.
• Communication: Skill in communicating effectively at all levels of the organization and with stakeholders, both orally and in writing.
• Written Comprehension: Ability to read and understand information and ideas presented in writing.
• Written Expression: Ability to use words and sentences in writing so others will understand.
• Independence: Develops one's own ways of doing things, guides oneself with little or no supervision, makes independent decisions, and depends on oneself to get things done.
• Professionalism: Demonstrates professional behavior and appearance in all situations.
• Ethical Behavior: Consistently displays ethical behavior.
• Ability to operate a company vehicle to travel the airport premises.
• Information Systems: Knowledge of information systems and their applications.
• Computer Use: Skill in using a personal computer, the internet, and other software to perform job-related functions.
• Word Processing: Skill in computerized word processing quickly and accurately.
• Ability to obtain and maintain a Secure Identification Display Area (SIDA) badge.

Qualifications: 

Required: 

• Bachelors degree in relevant field of study or 5-7 years of relevant work experience with minimum of a high school diploma or equivalent may be considered in lieu of educational requirement. 
• 2-4 years in leadership role in Information Security
• 2-4 years of Compliance & Auditing Frameworks (PCI, NIST, etc.)
• Valid Class D drivers license 

Preferred: 

• Certified Information Systems Security Professional or Certified Information Security Manager