Cyber Security & Network Administrator

Under the direction of the Director of Information Technology, the Cyber-Security & Network Administration designs, builds, tests, and implements security systems within the MTA/OIG’s IT network. The Cyber-Security & Network Administrator possesses a demonstrated thorough understanding of complex IT systems as well as current and emerging security standards, systems and authentication protocols and best practice security products. The Cyber-Security & Network Administrator also is responsible for the overall planning, direction and oversight of multiple projects, products, services, or functions to ensure the security, integrity and safety of the MTA/OIG IT network. The needs of the MTA/OIG IT Department may require the Cyber-Security & Network Administrator to work at off-site locations within the MTA geographic service area outside of regular business hours, including weeknights, weekends, and holidays.

Responsibilities

• Develops, configures, implements, integrates, administers, manages, and supports the MTA/OIG IT Enterprise monitoring system.
• Ensures that the monitoring system provides the necessary means to monitor all critical components of the MTA/OIG IT Enterprise infrastructure environment.
• Prevents service interruptions, closely works with all IT groups and operational staff, including MTA/IT staff, and confirms that monitoring capabilities are reliable and consistent with operational needs.
• Implements, supports, and monitors across all components of the MTA/OIG IT infrastructure networks, servers, hardware, applications, services, databases.
• Demonstrates a knowledge of the current and future technology architecture, including the inter-operability of technologies to effectively integrate IT systems and support the long-term strategies of the MTA/OIG.
• Analyzes cross-technology/platform issues and addresses problems factoring in an understanding of the current and future architectures to ensure optimal performance and reliability across systems.
• Leads the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of the MTA/OIG and constituent agencies.
• Proposes technology investments supported by a thorough technical analysis and business case.
• Develops disaster recovery and contingency plans for their domain(s) to provide users with minimal interruptions in service.
• Interacts with major providers at the technical expert level to address mission critical issues, evaluates ongoing vendor service levels and enforces SLAs and penalties.
• Establishes systems to monitor compliance with architectural standards and to ensure technical integrity.
• Serves as an advocate for the acquisition and implementation of appropriate cyber-security products by driving security architecture and the design, implementation, and optimization for Web, API and Mobile backend applications.
• Engages in the initial cyber-security requirements definition, including the analysis of threats and risks and alignment with Visa security, engineering, IT, and architecture standards.
• Conducts and facilitates cyber-security reviews and threat modeling exercises, including deep design reviews throughout the development lifecycle.
• Enables and builds cyber-security safeguards and defenses on various platforms and technologies which protects software applications from attacks.
• Identifies and analyzes system and application-level vulnerabilities to provide recommended counter measures or mitigating controls that reduce cyber-security risk to an acceptable and manageable level.
• Conducts regular system tests and ensures continuous monitoring of systems and network security.
• Reviews current system cyber-security measures and recommends and implements cyber-security enhancements.
• Maintains knowledge of current and emerging cyber-security systems, standards, authentication protocols, and products.
• Ensures compliance with policies, procedures, and regulations to ensure safe and sound business operations.
• Attends meetings, trainings and conferences relating to cyber-security and network administration as directed by the Director of Information Technology or their designee.
• Other duties as assigned by the Director of Information Technology or their designee

Qualifications

• Excellent inter-personal and written and oral communication skills.
• Demonstrated superior knowledge of security protocols, cryptography, authentication, authorization, and security.
• Demonstrated superior knowledge of administrative, physical, and technical controls that can be implemented around networks, systems, and applications to secure them.
• Demonstrated superior experience with application design, penetration testing, application risk and risk categorization.
• Demonstrated superior experience with the vulnerability management lifecycle.
• Demonstrated superior experience in designing security controls for complex web applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Protection technologies, Security Information Event Management, among others.
• Demonstrated superior experience working on large scale cloud-based services (including SaaS, PaaS, IaaS) and very understanding of security challenges involved in deploying Cloud Applications
• Demonstrated superior technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
• Ability to handle multiple projects and responsibilities while maintaining careful attention to detail and accuracy.
• Ability to work in a high-pressure environment and meet deadlines.
• Ability to interact effectively with MTA/OIG Executive and Senior Staff, MTA Headquarters and Agency staffs.
• Ability to explain complex cyber-security, network, and related IT topics to a diverse and lay audience.
• Ability to move and lift up to 25lbs of equipment such as monitors, keyboards, CPUs, printers, laptops, firewalls, among others.
• Must possess a valid NYS or another state-issued driver’s license.
• Travel within the MTA geographic jurisdiction may be required.
• Working outside of regular business hours may be required, including weeknights, weekends, and holidays.
• Pursuant to authorization by the EDIG/Operations & Chief of Staff, this position is eligible for tele-working.
• A two-year commitment is required.

Education and Experience

• A Bachelor’s Degree, from an accredited educational institution, in Computer Science, Information Technology or a related field.
• Eight (8) or more years of experience in information security and/or IT management with five (5) years of progressively responsible experience as a primary cyber-security and network administrator with a focus on maintaining and enhancing the security, reliability and security of IT networks and IT systems.
• CISSP, CEH, GCIH, and similar security certifications required.

How To Apply

Qualified applicants can submit an online application by clicking on the 'APPLY NOW' button from either the CAREERS page or from the JOB DESCRIPTION page.

If you have previously applied on line for other positions, enter your User Name and Password. If it is your first registration, click on the CLICK HERE TO REGISTER hyperlink and enter a User Name and Password; then click on the REGISTER button.

Equal Employment Opportunity

MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities. The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.