USNLX Ability Jobs

USNLX Ability Careers

Home View All Jobs (1,877,058)

Job Information

MTA Deputy Director Operational Technology Systems Security and Compliance in Various, United States

Deputy Director Operational Technology Systems Security and Compliance

Job ID: 10397

Business Unit: Metro-North Railroad

Location: Various, United States

Regular/Temporary: Regular

Department: Deputy Chief Engr C&S

Date Posted: Jan 29, 2025

Description

POSTING NO.

10397

JOB TITLE:

Deputy Director Operational Technology Systems Security and Compliance

DEPT/DIV:

M of W - Engineering

WORK LOCATION:

Various

FULL/PART-TIME

FULL

SALARY RANGE:

$ 189,990 .00

DEADLINE:

Until Filled

This position is eligible for teleworking which is currently one day per week. New hires are eligible to apply 30 days after their effective date of hire.

Metro-North Railroad reserves the right to remove this posting before the Application Deadline.

Opening:

MTA Metro-North Railroad is a dynamic organization, operating out of the jewel of New York City, Grand Central Terminal. We provide service to over 86.5 million customers, traveling in and out of New York and Connecticut. A subsidiary of the Metropolitan Transportation Authority, Metro-North Railroad is one of the busiest commuter railroads in the nation. MTA Metro-North Railroad strives to provide a safe and reliable commute, excellent customer service, and rewarding opportunities to its employees.

Position Objective:

The purpose of the MNR Deputy Director Operational Technology (OT) Systems Security and Compliance position is to support the railroad Cyber Security program led by the MTA IT Cyber Security (CS) group. This position will have a direct reporting relationship with Metro-North Maintenance of Way C&S/PTC organization with a solid line reporting structure to the MTA IT Cyber Security group. At the direction of MTA IT Cyber Security, this position will support the implementation of the MTA IT Cyber Security program for Metro-North in reducing security risks and to provide technical expertise in managing and analyzing control system risks with Metro-North critical infrastructure, which includes the Centralized Traffic Control (CTC), Supervisory Control and Data Acquisition (SCADA), Positive Train Control (PTC), ground-based Communications fiber network, radio and voice/data radio mission-critical and safety-critical systems at the Primary Control and Backup Control centers.

Responsibilities:

  • Coordinate, liaise and work in close alignment with MTA IT Cyber Security Office and their partners to satisfy and ensure the adaptation of the MTA’s application of NIST Cyber Security Framework, IEC 62443 standard, MTA IT, New York State, TSA, FTA, and FRA Cyber related mandates and MTA IT Cyber Security initiatives.

  • Maintain infrastructure, and applications technology for MNR OT Systems to support a secure Cyber Security posture by hardening OT infrastructure and applications technology, guiding, responding , and analyzing MNR systems in the reduction and containment of Cyber Security risk identified by MTA IT.

  • Partner with MTA IT Cyber Security to research and evaluate new technologies with direction from MTA IT Cyber Security to secure and manage risks in OT environments.

  • Build and maintain effective working relationships with MTA IT Cyber Security Stakeholders. Lead and participate in cyber operational investigations in accordance with MTA IT and Cybersecurity Office and communicate findings to relevant business units to help improve the Cyber Security posture. Conduct, validate, and maintain risk assessments and processes to address potential threats.

  • Compile and analyze data for management reporting and metrics. Monitor relevant information sources to stay up to date on current attacks and trends which may affect Metro- North operations . Identify and determine the potential impact of threats and vulnerabilities in operational technology areas and processes while documenting and communicating risks to MTA IT Cybersecurity Office.

  • Develop documents and track recommendations to remediate process issues, threats, and vulnerabilities in accordance with MTA IT Cybersecurity Office. Participate in creating and updating enterprise Cyber Security documents (IRPs, policies, standards, baselines, guidelines, and procedures) under the direction of the MNR senior management and MTA IT Cyber Security groups.

  • Remain current with Transportation and ICS/SCADA Operational Technology protection models for existing applications and new system implementations. Participate in the evaluation of new technologies to determine applicability to and best meet the needs of Metro-North and constituent agencies. Provide a proactive approach to Cyber Security by anticipating needs and performing investigations of security incidents related to Metro-North operations and coordinate efforts with the MTA IT Cyber Security. Remain current on latest Cyber Security industry trends and best practices in coordination with MTA IT Cybersecurity direction.

  • Execute the defined product lifecycle, manage the product lifecycle for the operational technology infrastructure components, recommend changes for implementation, gather data, and analyze capacity and performance to assure operational availability.

  • Analyze the current state of the operational technology infrastructure and identify opportunities for improvement to ensure systems meet business needs of the operational technology. Contribute to changes to establish roadmaps, document them effectively, and execute the implementation of changes in the area(s) of responsibility.

  • Act as a technical resource for multiple technologies, with vast knowledge of the OT capabilities and constraints, supported to continually improve system security, effectiveness, and efficiency. Promote security standards and support efforts to expand and migrate to future security architecture to improve security and share learning.

  • Provide technical leadership to project teams in the area of expertise and/or lead teams to complete projects specific to the area(s) of expertise to maximize and share learning. Provide guidance and technical coaching to less experienced staff to support effective workflow and develop technical talent. Build and oversee a resilient technical team, mentoring, and training junior staff, making recommendations based on emerging technologies, performing annual revisions to OT policies and procedures, and updating operating methods to comply with NYS, CFR, and TSA standards, in accordance with MTA IT and Cybersecurity practices and standards.

  • Analyze cross-technology/platform issues within the Metro North Operating Technology infrastructure and address problems factoring in an understanding of the current and future architectures in accordance with MTA IT architectural standards to ensure optimal performance and reliability across systems. Interact with major providers at the technical expert level to address mission-critical issues, evaluate ongoing vendor service levels, and enforce SLAs and penalties.

  • Support and follow directions by the office MTA IT Cyber Security risk assessments, data analytic tools, operational process reviews, and collaboration with security engineers, architects, developers, vendors, and business units to constantly improve the overall security of the Metro- North railroad infrastructure.

  • Coordinate efforts with the MTA IT Cyber Security group to develop disaster recovery and contingency plans for their domain(s) to provide MNR with minimal interruptions in service. Establish systems to monitor compliance with MTA IT architectural standards and ensure technical integrity. Develop and implement action plans to improve security in their security domain(s) and related technology as requested.

  • Support the entire Metro-North territory and OT’s real-time head-end systems in day-to-day operation and perform other related duties as assigned.

    Required Qualifications:

    Required Knowledge/Skills/Abilities:

  • Knowledge of 49 CFR Part 220, 236 Subparts H & I, and 246 requirements .

  • Knowledge of AREMA Guidelines and practices .

  • Experience working with real-time mission-critical operations control systems .

  • Project management skills with strict adherence to budget and deadlines .

  • Strong verbal and written communication and presentation skills .

  • Knowledge of Office Control Systems as it relates to CTC, SCADA, and PTC installation, testing, and commissioning.

  • Knowledge of Telecommunication copper, fiber plants, PA VIS, VHF voice data radio, SONET, CCTV/access control, PBX and DWDM .

  • Strong knowledge of Operational Technology Hardware and Software configuration management and processes .

  • Strong working knowledge of Microsoft Office, PowerPoint and/or comparable applications .

  • Strong knowledge of Metro-North Operational Technology networks, Communication networks, and server applications .

  • Strong knowledge of application server, network monitoring, operating systems and security .

  • Strong analytical skills in order to analyze new and existing products, equipment and/or procedures.

  • Must be able to recommend improvements or replacements to better support the Operational Technology Systems

  • Must be able to work in a high-profile/high-pressure environment.

  • Strong interpersonal skills with the ability to interact with internal departments and outside agencies, including MTA-IT Cyber Security and their partners.

  • Ability to work in a matrixed environment.

    Required Education and Experience:

  • Bachelor’s degree in Computer Engineering, Electrical Engineering, Computer Science, or related discipline. An equivalent combination of education, certifications and/or experience may be considered in lieu of a degree.

  • Minimum eight (8) years of blended experience with Signal, Power, PTC, and other Industrial control systems, Office and Field Communications, System logics, Cyber Security and Applications.

  • Minimum ten (10) years of relevant technology based or Operational Technology experience to include Networking and Security.

  • Minimum seven (7) years of blended experience performing Operational Technology Security- Application Security, Risk Assessment, Incident Response, and Disaster Recovery.

  • Minimum five (5) years of Project management skills with strict adherence to budget and deadlines.

  • Minimum five (5) years of experience with LAN/WAN networks.

    The Following is/are preferred:

  • Master’s degree in Computer Engineering, Computer Science, or related discipline .

  • Advanced professional and technical security-related certifications .

  • Scripting or programming skills (PERL, Python, PowerShell, etc.). Familiarity with Metro-North Policies and Procedures.

  • Familiarity with Metro-North collective bargaining agreements.

    Other Information

    This position is safety-sensitive and subject to toxicological testing.

    According to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the “Commission”).

    Employees driving company vehicles must complete defensive driver training once every three years for current MNR drivers; or within 180 days of hire or transfer for an employee entering an authorized driving position.

    Equal Employment Opportunity

    MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including those concerning veteran status and individuals with disabilities.

    The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.

DirectEmployers