Senior Cybersecurity Analyst - Portland, United States - Urban League of Portland

Description

Join us and apply your cybersecurity talents to support the growing need in critical infrastructure

TriMet is looking for an experienced cybersecurity professional with combined knowledge and experience in security operations including areas such as detection and incident response.

The ideal candidate must have experience and/or a desire to apply their cybersecurity expertise to protecting TriMet's operational technology (OT).

The Senior Cybersecurity Analyst monitors measures designed to protect and defend TriMet's information systems, ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.

This role will interact closely with customers both internal and external, software developers, IT administrators and technicians, compliance officers, and other key stakeholders to build and advance the information and network security strategies and programs, develop and implement enterprise-level information security policies and standards, lead information security awareness activities, and identify and remediate information security issues.

The Senior Analyst serves as a subject matter expert for IT security architecture, IT security operations, and IT risk management.

This position requires a minimum of two (2) days in-person per week.

Ensure a commitment to safety through consistent and professional behaviors in performance of job requirements that demonstrate safety is a fundamental value that guides all aspects of our work.

Perform related duties as required.

Serve as a good steward of TriMet by regularly utilizing our transit system to maintain a strong and current understanding of customers' experiences and of TriMet's product and service offerings.

Essential Functions

• Serves as the Subject Matter Expert (SME) for security tools, trends, methodologies, and best practices for securing platforms and operating systems at the network, server, and endpoint level.
• Determines security trends and threats, identifies risks and vulnerabilities to the organization, researches security breaches, and recommends corrective actions and remediation strategies. Review system design and architectures, and current and emerging technology, to make security-related recommendations.
• Acts as an IT incident responder. Lead incident response efforts and investigations of suspected information security events, misuse, or compliance reviews.
• Defines requirements to create IT controls policies, procedures and documentation and review, update and publish on a quarterly basis. Assists in the development and implementation of information security policy, standards, guidelines and procedures to ensure ongoing maintenance of security and define any changes that are required. Enhances existing information security policy and facilitates the training for all associates identified in the policy as well as provides guidance to TriMet staff.
• Analyzes IT risks and controls testing and validation activities in support of the Change Advisory Board process or Internal and External Audits. Assist in responses to internal and external compliance audits, data collection, penetration tests, and vulnerability assessments.
• Manage multiple information security projects simultaneously.
• Maintain hardware and software tools used to support Information and Network Security Operations functions. Coordinate maintenance of security related systems (anti-virus, intrusion detection and prevention, logging, content filtering, etc.).
• Participates in change management and incident review as needed. Document changes and actions in change management system and ticketing system.
• Monitors, reports, attests to IT policy compliance to PCI, HIPAA, and other compliance frameworks.

Position Requirements

A Bachelor's Degree is is required.

A Bachelor's Degree in Computer Science, CIT, Information Systems, or Business Administration is preferred.

A minimum of four (4) years total credited experience.

Two (2) years of experience in a hands-on technical role working in an Information Security Department are required.

Two (2) years of experience in complex IT development environments are preferred.

An ITIL Foundation certification (ITILCA, ITILCH, ITITLCO, ITILF, ITILR) is preferred.

A certification in CISSP and/or CCNA (or equivalent) is preferred.

Including but not limited to SC2:
CISSP, CSSLP, CCSP
SANS/


GIAC:
GSE, GSEC, GCIH, GPEN, GCIA

Offensive Security:

OCSP

EC Council:

CEH

ISACA:
CRISC, CISA, CISM

Or any equivalent of training and experience.

*The amount of credit a candidate receives for prior years of experience is based on the relevancy of that experience to the required or preferred prerequisites of the job description. Experience is prorated based on hours worked. LRHR assigns and validates the "credited experience".

Selection Criteria


Type of Position / Grade / FLSA
Grade 17, Exempt, Non-Union, Full-Time


Salary Range

Minimum:
$105,613.00


Maximum:
$158,418.00


Selection Process
Candidates will be selected based at a minimum on the result of:

Application Review (please include:
Cover Letter and Resume)

• Panel Interviews
• Reference Check

Salary offers will be determined by a candidate's education, training and relevant experience. Any final offer of employment will fall within the range stated above.

For transparency, we choose to list the full available grade range, however, TriMet's salary administration process will ultimately determine the final salary offered.

Supplemental Information
Make sure you describe in detail how your education, training and work experience fit with this role. You are encouraged to attach a resume, cover letter, training certificates and/or letters of recommendation with your application. You are permitted five attachments of less than 5MB each.


Internal applicants:
Information in your personnel file will not be used in lieu of information requested on your application. Incomplete applications will not be considered.

If you are a qualified veteran and would like to apply for veterans' preference points, you will need to reflect your status on the application and attach supporting documentation at the time of application submission.

If you need accommodation under the Americans with Disabilities Act for any part of the application process, contact our Human Resources staff at , or the TTY line at Note that we require a minimum of two workdays' notice prior to the need for accommodation.

TriMet is an equal opportunity employer, committed to developing an organization that is reflective of and sensitive to the needs of the diverse community we serve, including veterans, the elderly, and individuals with disabilities.

ADA Statement

As applied to the workplace, applicants and employees must be qualified to perform the essential functions of the job with or without reasonable accommodation.

Essential functions may include required job functions performed infrequently as well as production standards related to the quality and quantity of work.

If a person with a disability could meet job qualifications with a reasonable accommodation, TriMet will work with the employee to accommodate the need.

If TriMet's accommodation is effective in allowing the employee to perform the essential functions of the job, it need not be the employee's preferred accommodation.