Washington Metropolitan Area Transit Authority - Alexandria, VA
posted about 2 months ago
The Washington Metropolitan Area Transit Authority (WMATA) is seeking a highly skilled Cybersecurity Analyst - Lead to spearhead its cybersecurity initiatives, particularly focusing on offensive security operations. This role is pivotal in building a state-of-the-art cybersecurity program aimed at protecting the critical transit infrastructure of the nation's capital. The Lead will leverage advanced expertise in threat hunting, gap analysis, and realistic threat simulation exercises, integrating red and blue team operations to enhance the Authority's security posture against emerging threats. The primary responsibility of the Cybersecurity Analyst - Lead is to lead a comprehensive penetration testing program that identifies and exploits vulnerabilities within enterprise systems. This involves a deep understanding of adversarial tactics, techniques, and procedures (TTPs) and the execution of real-world scenario-based exercises. The Lead will work closely with the Cyber Fusion Center (CFC) and other security teams to optimize threat intelligence sharing and enhance detection and response capabilities. This role also requires the documentation of findings, generation of detailed technical reports, and presentation of executive summaries to senior leadership, ensuring that actionable insights drive improvements in threat detection capabilities. In addition to leading penetration testing efforts, the Analyst will oversee the data analytics strategy based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This includes analyzing threat information from various sources and ensuring that vulnerabilities are identified and mitigated promptly. The Lead will coordinate the collection and dissemination of cyber threat assessments, oversee the development of cyber threat indicators, and ensure that the organization maintains a robust cyber threat intelligence awareness program. The role also involves responding to cybersecurity incidents, conducting forensic analysis, and collaborating with internal and external stakeholders to mitigate threats effectively. Overall, this position is critical in ensuring that WMATA's cybersecurity measures are proactive, effective, and aligned with industry best practices.