Cybersecurity Engineer III

Washington Metropolitan Area Transit Authority - Alexandria, VA

posted 5 months ago

Full-time - Mid Level
Alexandria, VA
Transit and Ground Passenger Transportation

About the position

The Cybersecurity Engineer III (CE III) role at the Washington Metropolitan Area Transit Authority (WMATA) is a pivotal position within the organization, tasked with enhancing the cybersecurity framework that protects critical transit infrastructure in the Washington Metropolitan Area. Reporting directly to the Manager of the Cybersecurity Technology Unit (CTU), the CE III will be responsible for executing a variety of enterprise-wide initiatives focused on perimeter management and application security engineering. This includes the setup, configuration, and maintenance of essential security appliances such as firewalls, load balancers, and VPNs, as well as security applications like Splunk, Varonis, and Crowdstrike. The role also encompasses updating hardware and software, managing user accounts, overseeing backup and recovery tasks, and implementing both operational and technical security controls. The CE III will document processes and ensure compliance with organizational security policies and procedures, thereby playing a crucial role in maintaining a robust security posture. In addition to these responsibilities, the CE III will conduct penetration testing and ethical hacking to assess the security of web-based applications, networks, and other computer systems. Regular security audits will be performed from both logical and technical perspectives, resulting in comprehensive reports and actionable plans. The engineer will also serve as a liaison between the security architect and various stakeholders, ensuring that security controls are effectively designed and implemented across systems and networks. This role requires a deep understanding of security and enterprise architecture, as well as the ability to integrate cybersecurity into the development of new capabilities. The position is hybrid, allowing for a flexible work arrangement that includes both virtual and in-person work, in accordance with WMATA's telework policy. The CE III will be expected to provide senior-level support for processes that ensure stakeholder security requirements are met, and to collaborate with development organizations to create and deploy necessary tools. The role also involves conducting comprehensive technology research to identify potential vulnerabilities and enhance the organization's cybersecurity capabilities. Overall, the Cybersecurity Engineer III will play a critical role in safeguarding WMATA's mission and business processes against evolving cyber threats.

Responsibilities

  • Execute enterprise-wide initiatives in perimeter management and application security engineering.
  • Set up, configure, and maintain security appliances and applications.
  • Update hardware and software as necessary.
  • Establish and manage user accounts and oversee backup and recovery tasks.
  • Implement operational and technical security controls and document processes.
  • Conduct penetration testing and ethical hacking on web-based applications and networks.
  • Perform regular security audits and produce written reports and action plans.
  • Serve as a liaison between the security architect and various stakeholders.
  • Ensure systems and networks are developed and deployed securely according to best practices.
  • Conduct comprehensive technology research to evaluate potential vulnerabilities.
  • Provide senior-level support for documentation processes related to cybersecurity architecture.
  • Analyze internal operational architecture to improve performance and effectiveness.
  • Identify and develop reverse engineering tools to enhance capabilities and detect vulnerabilities.
  • Support incident response functions to mitigate threats and gather evidence.
  • Research, deploy, configure, and maintain network monitoring and cybersecurity tools.

Requirements

  • Bachelor's degree in Computer Engineering, Cybersecurity, Software Engineering, Electrical Engineering, Engineering Management, or a similar technical degree.
  • Four years of experience as a cybersecurity engineer or Information System Security Engineer/Officer (ISSO/ISSE), with a focus on cybersecurity engineering and/or penetration testing.

Nice-to-haves

  • Certifications in cybersecurity (e.g., CISSP, CEH, CISM).
  • Experience with NIST cybersecurity frameworks and standards.
  • Familiarity with cloud security practices and tools.
  • Knowledge of secure coding practices and software development methodologies.

Benefits

  • Health insurance coverage.
  • Dental insurance coverage.
  • Vision insurance coverage.
  • 401k retirement savings plan with matching contributions.
  • Paid holidays and vacation time.
  • Flexible scheduling options for work hours.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service