Security Administrator 3-5

Description

Job Title: Security Administrator - Level 3 -5
Salary Range Level 3 - Min.: $69,092 Max.: $98,703
Level 4 - Min.: $76,001 Max.: $108,573
Level 5 - Min.: $86,703 Max.: $123,862
Dept/Div: MTA Information Technology/ IT Security
Supervisor: Cybersecurity Officer IT Endpoint Security
Location: 2 Broadway and other locations as required
Hours of Work: 9:00 AM -5:30 PM (8 hours/day) or as required.

This position is responsible for the administration of access to the railroad's computer systems on all computing platforms, administration of the various firewall and network technologies utilized to protect the perimeter of the network from intrusion. This includes resolving complex security problems, researching and implementing new security technology, providing firewall and network security solutions for large-scale initiatives, recommending policy changes to management and developing security procedures, policies and documentation for the IT Department and the end user community.

Level 3

• Provide first level security support for all IT related technical problems and services to ensure that all MTA application and systems availability targets are met.
• The implementation, administration and monitoring of data security procedures on all computing platforms, ensuring appropriate documentation.
• Work with IT staff and customers to ensure awareness of security concerns, mitigation techniques and assist in following procedures or implementing controls as necessary.
• Implementation, administration, and monitoring of physical security procedures within the IT Department and the associated documentation.
• Install, configure and troubleshoot complex hardware and/or software solutions supporting critical business functions and customer facing services.
• Maintain compliance with PCI-DSS Controls.
• Participate in the evaluation of new security products and security related technologies.
• Assist and back up other Security Administrators.
• Recommend solutions for security problems to management.
• Recommend and draft security policies and procedures for MTA computing platforms and coordinating with other MTA agencies as necessary.
• Implement and maintain compliance with PCI-DSS Controls.
• Perform and coordinate electronic data discoveries, maintaining confidentiality and meeting required deliverable time frames.
• Identify security problems and review them with other Security Administrators.

Level4

Same as Level 3 with the following additional responsibilities:

• Identify security problems and recommend solutions to management.
• Plan, design and engineer solutions and projects to be implemented within the security section.
• Perform security related project management tasks.
• Guide less senior technicians and staff in the performance of their tasks.

Level 5

Same as Level 4 with the following additional responsibilities:

• Lead the planning and coordination of security tasks and activities in support of IT related projects and initiatives.
• Assume complete ownership of the firewall and network security elements of a project or the implementation of any large-scale system.
• Lead and participate in all technical and non-technical tasks, such as procurement, while ensuring that milestones are met according to plan and that quality of the final product is high.
• Design, implement and maintain compliance with PCI-DSS controls. Communicate importance of controls to less senior Security Administrators and other IT personnel.

Qualifications

Level 3

• Basic Knowledge of Endpoint Detection and Response Technologies
• Basis Knowledge of Antivirus, Data Loss Prevention (DLP), Encryption and USB Protection.
• Basic knowledge and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial off the shelf security products.
• Basic knowledge of troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices on a large scale.
• Basic knowledge and familiarity with internet technologies and computer networking.
• Ability to Plan and schedule the installation of new or modified hardware, operating systems, and applications software on various endpoint platforms.
• Ability to plan, schedule and maintain and deploy endpoint security software to systems on a large scale.
• Ability to troubleshoot and support technical issues both remotely and on-site using standard MTA tools and techniques.
• Ability to read and understand schematic diagrams, technical manuals and documentation such that supported equipment and software can be maintained with minimal training.
• Strong oral and written communications skills.
• Strong analytical skills.
• Strong people skills.
• Must be able to move 25lbs of equipment such as monitors, keyboards, CPUs, laptops, firewalls, etc.
• Must possess a valid driver's license.
• Proven knowledge and familiarity with installing, maintaining and troubleshooting security resources including, but not limited to MS Active Directory, Checkpoint security software, Encryption software, remote access solutions, commercial off the shelf security software, with the ability to support this software on servers, desktops, laptops, and mobile devices.
• Proven knowledge of and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products.
• Research, identify, and drive the implementation of innovative approaches to system administration tasks with a focus on automation, error reduction and service improvement.
• Knowledge of troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices on a large scale.
• Demonstrated knowledge of and familiarity with internet technologies and computer networking.
• Strong critical thinking skills.
• Ability to guide less senior staff in the performance of their tasks.
• Strong knowledge of and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products.
• Strong knowledge of and familiarity with internet technologies and computer networking.
• Ability to provide technical direction to less senior staff members, and to guide new lower level staff members that enter the security team.
• Ability to perform electronic data recovery and computer forensics efficiently utilizing industry standard tools.
• Ability to recommend and draft effective security policies and procedures.
• Ability to perform research and recommend solutions for security problems to management.

Level4

Same as level 4 with the following additional qualifications:

• Advanced knowledge of and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products. Knowledge of troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices.
• Advanced knowledge of and familiarity with internet technologies and computer networking.
• Ability to plan, design and engineer solutions and projects for the security team.
• Ability to perform project management tasks related to solutions and projects for the security team.

Level 5:

Same as level 4 with the following additional qualifications:

• Expert knowledge of and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products. Knowledge of troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices.
• Expert knowledge of and familiarity with internet technologies and computer networking.
• Demonstrated ability to troubleshoot and support technical issues both remotely and on-site using standard MTA tools and techniques.
• Demonstrated ability to read, understand and develop schematic diagrams, technical manuals and documentation such that supported equipment and software can be maintained with minimal training.
• Demonstrated leadership and people skills.
• Demonstrated ability to provide technical direction to less senior staff members, and to train new lower level staff members that enter the security team.
• Ability to perform electronic data recovery and computer forensics efficiently utilizing industry standard tools.
• Demonstrated ability to recommend and draft security policies and procedures.
• Demonstrated ability to perform research and recommend solutions for security problems to management.
• Demonstrated ability to plan, design and engineer solutions and projects for the security team.
• Demonstrated ability to perform project management tasks related to solutions and projects for the security team.
• Demonstrated ability to be able to lead the planning and coordination of security tasks and activities within the security team.
• Demonstrated ability to perform all technical and non-technical tasks, such as procurement, while ensuring that security tasks are completed on time and within budget.
• Must demonstrate highly developed knowledge of current industry standard information security and market trends.
• Demonstrated ability to plan, present and apply complex technology solutions to solve critical business requirements effectively and efficiently.
• Proven experience working with senior level staff contributing to both short- and long-term technology related planning strategies.
• Monitor security devices and applications for performance problems.
• Write and maintain documentation on process procedures, device statuses, firewall block lists, and other important technical areas.
• Manage projects related to implementing Cyber Security tools and products
• Create diagrams of network topologies and record details of troubleshooting processes.
• Follow policies and standards to support network security and regulatory requirements. As well as recommend changes to policies and standards as technology develops.
• Support and provide evidence and services to audit teams in a timely manner.
• Enforce quality control and ensure output meets project requirements.

Level 3

• Bachelor's degree in Computer Science, Information Technology or related discipline; or a minimum of 7 years' experience installing, maintaining and supporting security technologies in an office environment.
• Must possess a minimum of 5 years' experience maintaining and supporting security hardware, software, network resources and protocols

Level 4

• Bachelor's degree in Computer Science, Information Technology or related discipline; or a minimum of 10 years' experience installing, maintaining and supporting security technologies in an office environment.
• Must possess a minimum of 8 years of experience maintaining and supporting security hardware, software, network resources and protocols.

Level 5

• Bachelor's degree in Computer Science, Information Technology or related discipline; or a minimum of 12 years' experience installing, maintaining and supporting security technologies in an office environment.
• Must possess a minimum of 10 years' experience maintaining and supporting security hardware, software, network resources and protocols.

Other Information:

This is a resume-based position in the collective bargaining unit represented by the Transportation Communications Union (TCU) and will be governed by the terms of the associated TCU collective bargaining agreement for IT employees. As such, candidates selected for this position will be represented by TCU and be on MTA payroll. In addition, candidates selected may be required to work at any MTA Agency location.

Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the "Commission").

Equal Employment Opportunity:
MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.