Washington Metropolitan Area Transit Authority - Alexandria, VA
posted 27 days ago
The Washington Metropolitan Area Transit Authority (WMATA) is seeking a Cybersecurity Analyst III (Metrics) to lead the Cybersecurity Metrics program. This role is pivotal in developing and managing the overall scorecarding and performance measurement of cybersecurity program activities. The successful candidate will report to the Governance, Risk and Compliance Manager and will be responsible for preparing and presenting governance and compliance management reports, key performance metrics, scorecards, and KPI briefings to the Chief Information Security Officer (CISO) and executive management. The position requires the development, refinement, and production of enterprise cybersecurity scorecards that provide a comprehensive view of the organization's health, including system-level health categorized by business units, operational defensive effectiveness, and employee training effectiveness regarding cybersecurity threats such as phishing and social engineering. In addition to scorecarding, the Cybersecurity Analyst III will provide senior-level support in identifying and remediating security threats. This includes designing defensive measures and monitoring information from various sources to identify, analyze, and report events that may occur within the network. The analyst will ensure that threats and vulnerabilities are identified and mitigated as early as possible. The role also involves analyzing threat information from multiple sources and synthesizing intelligence to draw insights about potential implications for the organization. The analyst will be responsible for developing cyber threat indicators and maintaining awareness of the dynamic operating environment. This includes coordinating the collection, processing, analysis, and dissemination of cyber threat assessments. The position requires a strong understanding of cyber defense tools and the ability to analyze events within WMATA's environments, both on-premises and in the cloud. The analyst will also conduct strategic and operational effectiveness assessments for cyber events, ensuring that systems perform as expected and providing input for operational effectiveness determinations. Furthermore, the Cybersecurity Analyst III will create dashboards to inform senior leaders about the organization's security posture and generate reports and action plans to enhance security procedures. The role requires a proactive approach to incident response, including real-time cyber defense incident handling and collaboration with internal and external stakeholders to mitigate threats. The analyst will also be involved in producing timely intelligence products and ensuring that all cyber events are reported in a timely and actionable manner. This position is essential for maintaining the security and integrity of WMATA's information systems and networks.