Information Security and Intelligence Engineer

Maintaining efficiency and economy in operations management requires flexibility in job assignments. While each employee shall have a primary responsibility for the job in which that employee has been hired or later promoted to, each employee may be expected to perform other jobs from time to time.

SUMMARY:

The Information Security and Intelligence Engineer (ISE) is responsible for safeguarding MTS’s digital assets, ensuring the confidentiality, integrity, and availability of critical system and sensitive information. This role will assist the Information Security Manager in designing, implementing, and maintaining security measures to protect the MTS systems, networks, and data from potential cyber threats. ISE expertise will contribute to maintaining a secure and compliant environment that aligns with industry standards and best practices.

Application Review: Priority will be given to applications received by June 16, 2025.
The position will remain open until filled.

EXAMPLES OF DUTIES:

Essential Functions

Security Infrastructure Management

• Designs, implements, and manages security systems and tools, such as firewalls, intrusion detection systems, intrusion prevention systems, anti-malware solutions, and encryption mechanisms.
• Regularly assesses the effectiveness of security controls and adjust as necessary to address emerging threats.

Vulnerability Management

• Conducts regular vulnerability assessments and penetration tests to identify and address potential weaknesses in SDMTS systems and networks.
• Collaborates with system administrators and developers to remediate vulnerabilities and track progress.

Incident Response

• Develops and maintains an incident response plan to effectively handle security breaches and incidents.
• Leads incident response efforts, including containment, analysis, and recovery, to minimize damage and prevent future occurrences.

Security Auditing and Compliance

• Monitors and enforces compliance with relevant security standards, regulations, and best practices (e.g., NIST,HIPAA and PCI DSS).
• Conducts regular security audits and assessments to ensure adherence to policies and procedures.

Security Awareness and Training

• Provides training and awareness programs to educate employees about security best practices and the importance of maintaining a secure computing environment.

Security Architecture Design

• Collaborates with IT teams to integrate security requirements into the design and architecture of new systems, applications, and infrastructure.

Security Documentation

• Maintains accurate and up-to-date documentation related to security policies, procedures, configurations, and incidents.

Threat Intelligence

• Stays informed about the latest security threats, vulnerabilities, and attack techniques, and applies this knowledge to enhance security strategies.

Continuous Improvement

• Stays up-to-date with industry trends, emerging technologies, and security best practices, and proposes enhancements to the security posture based on these insights.

Duties May Include, But Are Not Limited To, The Following:

• Uses technical language to write documentation, such as design documents, process guides, procedure manuals, work flow diagrams, screen mock-ups, end-user communications and regular project status reports.
• Effectively manages projects and lead project teams.

• Performs other duties as assigned.

Knowledge, Skills and Abilities:

The role of a professional Information Security Engineer encompasses a wide array of knowledge, skills, and abilities to safeguard MTS’s digital assets. This individual must possess an in-depth understanding of security systems and tools, including firewalls, intrusion detection systems, anti-malware solutions, and encryption mechanisms, coupled with the ability to design, implement, and manage these technologies effectively. Regular assessment of security controls and adaptability to emerging threats requires a keen awareness of the threat landscape and the skill to fine-tune defenses accordingly.

Vulnerability Management demands expertise in conducting comprehensive vulnerability assessments and penetration tests, identifying weaknesses within MTS systems and networks, and collaborating with cross-functional teams to remediate these vulnerabilities promptly. Effective communication and project management skills are essential to track progress and ensure vulnerabilities are efficiently addressed.

In the realm of Incident Response, proficiency in creating and maintaining incident response plans is crucial. This role requires the capability to lead teams during security breaches and incidents, managing containment, analysis, and recovery efforts to minimize damage and prevent future occurrences. A composed demeanor under pressure, technical aptitude, and decision-making skills are pivotal.

Security Auditing and Compliance expertise involves monitoring and enforcing adherence to security standards such as NIST, HIPAA, and PCI DSS. This professional should excel in conducting rigorous security audits, ensuring alignment with policies and procedures, and navigating complex regulatory environments.

The ability to impart Security Awareness and Training programs necessitates excellent communication skills to educate employees about security best practices and foster a culture of cybersecurity vigilance within the organization.

Collaborating on Security Architecture Design mandates a comprehensive understanding of IT systems and a knack for integrating security requirements seamlessly. Effective documentation skills are essential to maintain accurate records of security policies, procedures, configurations, and incidents, ensuring a solid knowledge base for reference and analysis.

Staying updated with the latest Threat Intelligence requires continuous learning about evolving security threats, vulnerabilities, and attack techniques. The application of this knowledge to enhance security strategies and propose proactive measures hinges on analytical thinking and adaptability.

Lastly, a commitment to Continuous Improvement is imperative. Remaining informed about industry trends, emerging technologies, and security best practices empowers this professional to make informed recommendations for bolstering the organization's security posture.

Special Skills/Knowledge

Special Skills:

• Industrial Control Systems (ICS) Security: Proficiency in safeguarding SCADA systems managing rail and bus operations.
• Threat Modeling: Analyzing potential physical and cyber threats to transportation operations.
• Transportation Regulations: Understanding regulations governing critical infrastructure and passenger safety.
• Physical Security Measures: Implementing tailored physical security systems.
• Incident Response: Developing specialized response plans for transportation disruptions and emergencies.
• Emergency Management: Coordinating responses with authorities and emergency services.
• Public-Private Partnerships: Collaborating with partners for shared security insights.

 Special Knowledge:

• Transportation Operations: Grasping rail and bus operations and schedules.
• Network Segmentation: Implementing isolated networks for critical systems.
• Secure Communication: Ensuring secure data transmission between facilities.
• Vulnerability Assessment: Identifying weak points in transportation infrastructure.
• Physical Access Control: Applying access systems for facility security.
• Regulatory Compliance: Adhering to transportation security standards.
• Cybersecurity Training: Educating staff for a security-aware culture.
• Transportation Systems (TS): Managing integrated technologies securely.
• Disaster Recovery Planning: Creating comprehensive recovery strategies.
• Regulatory Reporting: Following incident reporting requirements.

Physical Requirements

The successful candidate must be able to fulfill the physical demands of the job such as walking, stooping, sitting, bending, reaching for overhead files and occasional lifting (must be able to lift up to 15 pounds). Must be able to operate a motor vehicle and perform tasks involving manual dexterity, such as use of a computer and 10-key. Work will at times require more than 8 hours per day or an irregular work week to perform the essential duties of the position. Duties will be performed primarily in an office type environment and may require travel to external locations and agencies.

Experience/Education/Certificates/License(s)

Possess a bachelor's degree in computer science, information technology, or a related field, with a master's degree being a preferred qualification. Professional certifications such as CISM, CISA or CompTIA Security+ are advantageous and reflect a commitment to maintaining a high level of expertise in the field. A proven track record in information security roles is crucial, demonstrating practical experience in security infrastructure management, vulnerability assessment, incident response, and compliance. A strong understanding of network protocols, firewall configurations, and intrusion detection/prevention systems is essential. Proficiency in scripting languages like Python and PowerShell is a valuable asset, showcasing technical versatility. A combination of education, certifications, and hands-on experience would be considered. Must possess a valid California driver’s license.

GENERAL:

Must satisfactorily pass all applicable examinations including, but not limited to, a pre-employment physical, drug screen and background check.

SALARY GRADE:

The anticipated starting pay for this position is between $98,000 and $105,000. This range represents the expected starting salaries for new hires, typically within the lower to mid-portion of the overall salary range, which encompasses the full potential earnings for the role. Candidates with salary expectations outside the anticipated hiring range may reach out to the Talent Acquisition Specialist facilitating this recruitment for more information.

Salary offers are based on factors such as the knowledge, skills, abilities, and relevant experience of the successful candidate, while taking into account internal equity, budget constraints, and other market factors. This position is in salary grade #12, which has a minimum of $97,103 and a maximum of $137,886. Salary grades are typically adjusted annually to ensure they remain market competitive

DISCLAIMER: The above described job elements are intended to indicate the general nature and levels of work being performed by employees assigned to the job. They are not intended to be an exhaustive list of duties, responsibilities and skills required of employees so classified. Management retains the discretion to add to or change the duties of the position at any time.

EEO is The Law - Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled 

MTS is an Equal Opportunity Employer with an ongoing commitment to treat all people, including customers, co-workers and the public at large, with dignity and respect. As a public transportation agency, MTS is committed to providing an inclusive workplace that reflects the diverse communities in which we work and live.

MTS supports and promotes an environment that is free of discrimination and harassment. MTS recruits, hires, trains and promotes individuals without regard to race, color, sex, religion, ancestry, national origin, age, gender, marital status, medical condition, pregnancy, physical or mental disability, genetic information, gender identity, gender expression, sexual orientation and military status, veteran status or any other status protected by federal, state or local law.

MTS encourages veterans, military spouses and people from different backgrounds to apply for open positions for which they are interested. Additionally, MTS employees are encouraged to refer qualified candidates from all backgrounds and age groups. At MTS, we are committed to a fair and equitable workplace where everyone is a respected and valued member of the team.