Security Administrator 4 - 5

Description

Job Title: Security Administrator - Level 4 -5
Salary Range: Level 4 - Min.: $76,001 Max.: $108,573
Level 5 - Min.: $86,703 Max.: $123,862
Dept/Div: MTA Information Technology/ IT Security
Supervisor: Cybersecurity Officer/Manager
Location: 2 Broadway and other locations as required
Hours of Work: 9:00 AM -5:30 PM (8 hours/day) or as required

This position is responsible for the administration of access to the railroad's computer systems on all computing platforms, administration of the various firewall and network technologies utilized to protect the perimeter of the network from intrusion. This includes resolving complex security problems, researching and implementing new security technology, providing firewall and network security solutions for large-scale initiatives, recommending policy changes to management and developing security procedures, policies and documentation for the IT Department and the end user community.

Level 4

• Provide first level security support for all IT related technical problems and services to ensure that all MTA application and systems availability targets are met.
• The implementation, administration and monitoring of data security procedures on all computing platforms, ensuring appropriate documentation.
• Work with IT staff and customers to ensure awareness of security concerns, mitigation techniques and assist in following procedures or implementing controls as necessary.
• Implementation, administration, and monitoring of physical security procedures within the IT Department and the associated documentation.
• Install, configure and troubleshoot complex hardware and/or software solutions supporting critical business functions and customer facing services.
• Maintain compliance with PCI-DSS Controls.
• Participate in the evaluation of new security products and security related technologies.
• Assist and back up other Security Administrators.
• Recommend solutions for security problems to management.
• Recommend and draft security policies and procedures for MTA computing platforms, and coordinating with other MTA agencies as necessary.
• Implement and maintain compliance with PCI-DSS Controls.
• Perform and coordinate electronic data discoveries, maintaining confidentiality and meeting required deliverable time frames.
• Identify security problems and review them with other Security Administrators.
• Identify security problems and recommend solutions to management.

• Participate in the evaluation of new security products and security related technologies.
• Plan, design and engineer solutions and projects to be implemented within the security section.
• Perform security related project management tasks.
• Assist and back up other Security Administrators.
• Guide less senior technicians and staff in the performance of their tasks.

Level 5

Same as Level 4 with the following additional responsibilities:

• Lead the planning and coordination of security tasks and activities in support of IT related projects and initiatives.
• Assume complete ownership of the firewall and network security elements of a project or the implementation of any large-scale system.
• Lead and participate in all technical and non-technical tasks, such as procurement, while ensuring that milestones are met according to plan and that quality of the final product is high.
• Design, implement and maintain compliance with PCI-DSS controls. Communicate importance of controls to less senior Security Administrators and other IT personnel.

Qualifications:

Level 4

• Knowledgeable and experienced with the administration of information security systems including but not limited to:
  • Firewalls (E.g., Palo Alto),
    • Using centralized management solutions (E.g., Panorama)
    • Creation of firewall rules
    • Building site-to-site VPN tunnels
    • Applying IPS/IDS signatures (E.g., WildFire)
  • Proxy Servers
  • NAC Solutions
  • Remote Access Solutions
  • Micro segmentation and related system technologies
• Knowledge, experience and or certification on industry leading security tools / technology products such as Palo Alto, Zscaler, Forescout, Skybox, Cisco, Gigamon, etc. is a must.
• Ability to troubleshoot network problems, examine firewall logs, understand how analyze network traffic packets. Familiar with tools like Wireshark. Understanding of routing protocols.
• Ability to read and understand schematic diagrams, technical manuals, and documentation such that supported equipment and software can be maintained with minimal training.
  • Know how to create network diagrams using Microsoft Visio
• Knowledgeable and familiar with Web-based and cloud technologies
• Ability to troubleshoot and track technical support issues both remotely and on-site using standard MTA tools and techniques.
• Ability and experience with maintaining and updating existing security systems support documentation
• Strong oral and written communications skills.
• Strong analytical skills.
• Strong people skills.
• Must be able to move and lift up to 25lbs of equipment such as monitors, keyboards, CPUs, laptops, firewalls, etc.
• Must possess a valid driver's license.
• Proven knowledge and experience with building, configuration, and implementation of Cyber Security system solutions from QA/Test into the production environment.
  • This includes but not limited to Firewall, Proxy, NAC, and Remote Access Solutions

• Ability to take lead during troubleshooting of incidents such as network routing, firewall, remote access problems, E.g., Application and connectivity issues.
• Strong ability to track open Service Ticket System requests from MTA clients and follow through to resolution
• Strong knowledge on all aspects of security system administration.
• Strong knowledge of Web-based and cloud technologies
• Ability to collaborate during planning and system architecture sessions with other teams
• Strong critical thinking skills.
• Ability and experience in planning and coordination of security tasks and activities in support of IT related projects and initiatives involving security systems
• Knowledgeable and ability to integrate various Cyber Security systems and technologies such as SIEM, EDR, other Firewalls, and Internet-based Proxies
• Strong administrative ability to track system inventories of hardware, licensing for product features and assist with gathering information for procurements.
• Ability to recommend and draft effective security policies and procedures.
• Ability to perform research and recommend solutions for security problems to management.
• Ability to design Cyber Security Tool solutions (including but not limited to Palo Alto) and features to support MTA business functions
• Ability to perform auditing functions and recertification of firewall rules
• Experience with auditing and monitoring daily firewall and other security tool activities
• Advanced knowledge of Firewall products and features
• Strong ability to coordinate across MTA, including various departments and Cyber Security Operations Center, in operations and the revision of processes and technology.
• Strong ability to coordinate on project management tasks (in situations where a PM is not assigned)
• Ability to guide and train Level 3 and below staff in the performance of their tasks

Level 5:

Same as level 4 and below with the following additional qualifications:

• SME with In-depth knowledge and integration experience with firewall solutions and other security, Information, and Operational Security Technologies
• Ability to exhibit a superior collaborate presence in MTA engineering and technical sessions
• Strong knowledge of and experience with evaluating Security system software revisions and system patching
• Strong presentation skills and the ability to articulately provide information to management
• A high-level Security Tool expertise in design, configuration, migrations, tuning and customization of features.
• Ability to guide Level 4 and below staff in the performance of their tasks

Education and Experience:



Level 4

• Bachelor's degree in Computer Science, Information Technology or related discipline; or a minimum of 10 years' experience installing, maintaining and supporting security technologies in an office environment.
• Must possess a minimum of 8 years of experience maintaining and supporting security hardware, software, network resources and protocols

Level 5

• Bachelor's degree in Computer Science, Information Technology or related discipline; or a minimum of 12 years' experience installing, maintaining and supporting security technologies in an office environment.
• Must possess a minimum of 10 years' experience maintaining and supporting security hardware, software, network resources and protocols

This is a resume based position in the collective bargaining unit represented by the Transportation Communications Union (TCU) and will be governed by the terms of the associated TCU collective bargaining agreement for IT employees. As such, candidates selected for this position will be represented by TCU and be on MTA payroll. In addition, candidates selected may be required to work at any MTA Agency location.

Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the "Commission").

MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.