Sr. Cybersecurity Administrator

As infrastructure critical to the region’s growth and prosperity, BNA is a vital asset for Middle Tennessee and serves as a gateway to Music City and beyond. According to a recent State of Tennessee study, in 2019 alone, BNA generated more than $9.9 billion in total economic impact. BNA supported more than 76,000 jobs in the region and produced more than $443 million in state, local and federal taxes. BNA receives no local tax dollars. For more information, visit flynashville.com. Follow us on Facebook: @NashvilleInternationalAirport, Twitter: @Fly_Nashville and Instagram: @FlyNashville. Learn more about BNA® Vision, our growth and expansion plan for the airport, at BNAVision.com.

  Hiring Process:

• Apply online
• Interview
• Offer
• Ten (10) year background check, including criminal history check, motor vehicle check, pre-employment drug screen, credit check, and breath alcohol test
• Onboarding

 Benefits:  

• Deferred compensation plans
• Educational Assistance
• Health, Dental, Vision, Life, Disability Insurance
• Health Screenings
• Paid Holidays
• Annual/Bereavement/Military Leave

Accepting Applications Until Filled 

Starting Salary Range: $84,911- $115,526

Job Summary: The Senior Cybersecurity Administrator is responsible for leading multiple enterprise security services while ensuring technical solutions adhere to various compliance frameworks and regulations such as Payment Card Industry-Data Security Standard (PCI-DSS), National Institute of Standards and Technology (NIST), etc. This includes assessing, planning, and implementing security measures to help protect from security breaches and attacks on the Metropolitan Nashville Airport Authority's (MNAA) computer networks and systems. Other responsibilities include but are not limited to vulnerability management, intrusion detection/prevention, firewalls, and security information and event management. Potential for on-call availability under some circumstances is required.

Essential Responsibilities:

• Plays a lead role in prompt and effective response to information security incidents.
• Performs analysis and response to tier II and III security relevant alerts and events.
• Successfully manages PCI compliance, which should include but not limited to, knowledge in complying with PCI standards.
• Gathers PCI related requirements and information regarding continuous compliance assurance; analyzes and evaluates needs and provides recommendations; provides documentation of requirements.
• Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations accordingly.
• Meets network firewall security work standards by following production, productivity, quality, customer-service, safety, security, and health standards; resolving operational problems; identifying work process improvements.
• Diagnoses and resolves issues with firewalls, virtual private network (VPN) gateways, wireless networks, and virtual local area network (VLANS).
• Analyzes firewall security requirements by studying user requirements; conducting system security and vulnerability analyses and risk assessments.
• Assesses network traffic patterns and session data for indicators of malicious activity; takes initiative to drive procedural or technical change within the enterprise environment.
• Identifies business risk and advises appropriate business contacts as required to treat such risk.
• Supports the automation and improvement of the overall Information Security posture at MNAA.
• Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that effect core information security services.
• Serves as a leader in technical space, which proactively seeks out new technical solutions, identifying gaps, understanding risk-based prioritization within the greater security and risk function, etc.
• Working knowledge of Unix, Linux and Windows operating systems.
• Confirms administrative information systems by developing and conducting tests; auditing system performance.
• Supports other Security & Risk program efforts within MNAA.
• Follows all safety regulations.
• Maintains regular and on-time attendance.
• Supports MNAA’s commitment to its culture and values, including Respect, Integrity, Service and Excellence (RISE).
• Performs other duties as assigned.

Knowledge, Skills, Abilities and Other Characteristics:

• Computer Systems: Knowledge of computer systems, technology, software, and applications.
• Information Systems: Knowledge of information systems and their applications.
• Data Security: Knowledge of federal, state, and local laws related to data security and retention requirements.
• Servers and Networks: Knowledge of LAN/WAN systems configuration, implementation, and administration.
• Cisco: Skill in managing Cisco network hardware.
• Microsoft Exchange/Office 365: Skill in managing the Microsoft Exchange/Office 365 environment.
• Microsoft Windows: Skill in using the Microsoft Windows operating system.
• Problem Solving: Skill in identifying problems and reviewing related information to develop and evaluate options and implement solutions.
• Virtual Environment: Skill in managing virtual and cloud-based environments.
• IP Networks: Skill in sub-netting and managing internet protocol (IP) networks.
• Computer Use: Skill in using a personal computer, the internet, and other software to perform job-related functions.
• Leadership: Skill in mentoring, taking charge, and offering opinions and direction.
• Relationship Building: Skill in establishing and maintaining effective and professional working relationships with others.
• Communication: Skill in communicating effectively at all levels of the organization and with stakeholders, both orally and in writing.
• Network Infrastructures: Skill in configuring hierarchical network infrastructures.
• Microsoft Office: Skill in using Microsoft Office applications such as Outlook, Word, Excel, and PowerPoint.
• Office Equipment: Skill in using standard office equipment such as telephones, copy machines, scanners, multi-functional printers, and fax machines.
• Deductive Reasoning: Ability to apply general rules to specific problems to come up with logical answers.
• Written Comprehension: Ability to read and understand information and ideas presented in writing.
• Inductive Reasoning: Ability to combine pieces of information to form general rules or conclusions (includes finding a relationship among seemingly unrelated events).
• Dependability: Acts reliably and responsibly with others.
• Learning: Displays a willingness to quickly acquire knowledge relevant to the job.
• Professionalism: Demonstrates professional behavior and appearance in all situations.
• Ability to obtain and maintain a Security Identification Display Area (SIDA) badge.

Qualifications: 

Required: 

• Bachelors degree in Computer Science, Management Information Systems, or relevant field of study. 7-10 years of relevant work experience with minimum of a high school diploma may be considered in lieu of educational requirement
• 2-4 years of progressive experience in computing and information security, including experience with Internet technology, security technology, issue resolution and leading teams in a cross functional,
  global setting
• Valid Class D drivers license 

Preferred:

• Masters degree in Computer Science, Information Systems, or a related field
• CISSP, GSEC, GCIA, GCIH, GCFA, or other security related certifications