CyberSecurity Officer Manager Identity and Privileged Access Management
4 weeks ago
JOB TITLE: Cybersecurity Officer Identity and Privileged Access Management
SALARY RANGE: $144,450.00 -$191,000.00
HAY POINTS: 805
DEPT/DIV: Information Technology / Cybersecurity
SUPERVISOR: Cybersecurity Director Identity & Access
LOCATION: Vario 2 Broadway New York, NY 10004
HOURS OF WORK: 9:00 am - 5:30 pm (7.5 hours) or as required
This position is eligible for telework which is currently two day per week. New hires are eligible to apply 30 days after their effective date of hire.
About us:
The MTA transportation network has very large systems and infrastructure for financial, business, automated train, transportation, power, and physical security. The MTA IT Department is centrally responsible for providing a full range of Information and Operational Technology services to the MTA agencies and administrative units through its operating and support units.
The MTA IT Cybersecurity organization, is responsible for identifying, developing, implementing, and integrating cybersecurity-related processes internal and third-party supplier organizations to reduce the operational risks, reputational risks and financial risks. The organization also has robust cybersecurity operations functions designed to protect the MTA in real-time on a 7/24/365 basis.
Summary of Job
The purpose of this position is to lead the Privileged Access Management (PAM) team to ensure the security and compliance of privileged accounts through the development and implementation of advanced PAM strategies. Oversee the deployment of PAM tools, collaborate with Identity and Access Management (IAM) and Identity Governance and Administration (IGA) teams for integrated identity solutions, and stay updated on emerging technologies and industry trends within identity security. Drive the adoption of contextual and continuous zero trust principles across local domains and clouds to enhance security measures.
As part of managing the program, the Cybersecurity Manager will need expertise in managing a complex program with highly skilled staff, contracts, and processes associated with risk management that are essential to maintaining electronic and physical safety for MTA's business in all areas that utilize technology (Corporate, Customer Facing and Informational, Fare Payment/PCI, Operational Technologies, 3 rd Party Managed, Vendors, etc.).
The Cybersecurity Manager will be responsible for managing and developing staff, technology, and processes to reduce risk with the evolved cyber threat landscape and changing technology portfolio. The Manager works across multiple technology and cybersecurity domains to ensure cybersecurity is looked at holistically from user, data and component, and systems perspectives. The Manager also considers all risk assessments, data driven analytics, and actively seeks to develop and maintain standards, reference architectures, and reduce risk of the MTA through emerging technologies and trends in the industry.
The Manager is expected to have a level of expertise in one or more domains of technology effective management. There is a long list of these specialized domains in the cybersecurity field and this list is growing and everchanging as the field evolves and as risks and circumstances change.
Responsibilities
Leadership
- Provide leadership to a strong talent pool of technical professionals
- Lead a team of multi-functional technical staff planning, building, and maintaining cybersecurity tools, configurations and risk mitigation to support Information and Operational Technology applications and/or infrastructure products
- Lead others, as appropriate, and when necessary, that will consist of one or more agile coaches, data analytic researchers and other cybersecurity personnel
- provide leadership in development of inter-team communication and cohesiveness; sustain culture and supporting assigned staff during organizational growth/changes.
- Provide direction on evaluation, selection, implementation, and maintenance of cybersecurity tools, processes, and techniques for their assigned cyber domains and products, ensuring appropriate investment in strategic and operational systems.
- Leads teams to complete projects when a project manager has not been assigned.
- Attain significant achievements managing technical teams, contractors and vendors.
Human Resource Management
- Attract, develop, coach and retain high-performance team members, empowering them to elevate their level of responsibility, span of control and performance in conjunction with the Cybersecurity Management and IT Workforce Planning & Workload Management office.
- Build staff expertise and competence to meet evolving demands within the Enterprise Product Management unit.
Financial Management
- Demonstrate consistent understanding of funding, communications and systems; recommend timelines and resources needed to achieve the program goals.
- Collaborates with IT Business Management Services to identify procurement contracts to support program related activities.
Strategy & Planning
- Assesses and makes recommendations on the improvement and re-engineering within the IT Department and work with the stakeholders at keeping the total cost of ownership down.
- Promote the use of employee self -service and mobile connectivity within products to reduce the reliance of paper.
- Recommends and supports automation of business process creating in-line forms and approvals, reducing the reliance on manual approvals that could be untimely.
- Uses judgment to form conclusions that may challenge conventional wisdom
Acquisition & Deployment
- Coordinates and facilitates consultation with stakeholders to define business and systems requirements for new technology implementations, developing business case and cost justifications for such initiatives.
- Provides direction on evaluation, selection, implementation and maintenance of information systems, ensuring appropriate investment in strategic and operational systems.
- Advises MTA IT management, as information becomes available, in the changing trends and emerging technology and their potential use within the MTA.
- Directs the development of the analysis required to determine if Information Technology projects should follow a "Build" (develop with in-house staff) or "Buy" (cloud or packaged solution) methodology.
- Manages the development and implementation of new modules within assigned products.
- Advises on the selection, prioritization, development and implementation on products as they relate to the selection, acquisition, development, and installation of MTA IT and OT Security, applications and infrastructure.
Management and Oversight
- Participates in overall business planning bringing a current knowledge and future vision of technology and systems as related to the company's goals.
- Responsible for leading and reporting on various product progress and deliverables ensuring that the IT/OT needs of the MTA are met on time and within budget, including identifying weekly, monthly and annual performance targets to show progress on IT product work and OT objectives.
- Ensure continuous delivery of product services through oversight of service level agreements with end users and monitoring of product performance.
- Responsible for the recruitment, development, motivation, training and retention of a diverse and high performing multi-level IT/OT team professionals, conforming to budgetary objectives and Human Resources policy and programs in conjunction with the IT Workforce Planning & Workload Management office.
- Develop business case justifications and cost/benefit analyses for IT spending and initiatives keeping customizations to a minimum and total cost of ownership down.
Cybersecurity Officer-Specific Accountabilities:
Planning
- Manage and plan the future technical architecture, providing insight into the future of their area of technology in order to continually improve effectiveness and efficiency.
- Manage and plan the development of roadmaps related to their area(s) of expertise to manage and meet identified technology needs.
- Manage and plan the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of MTA and constituent agencies.
- Manage and ensure disaster recovery and contingency plans for their domain(s) to provide users with minimal interruptions in service.
Architecture
- Oversees architectural direction for domains under management to meet senior management and cybersecurity goals.
- Understand, review, and approve Cybersecurity Reference Architectures and Solutions for applying them.
- Revalidates systems to most recent reference architectures to determine gaps, develop and manage programs to align systems to newest standards and reference architectures.
- Must possess a deep understanding of PAM principles, technologies, and best practices
- Understanding of Operating Systems, Cloud, Mobile, and Applications
- Proven ability to manage PAM, IAM, IGA projects and initiatives effectively, ensuring timely and successful delivery.
- Some Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Proficient in Productivity Tools (ie. Office 365, Gsuite)
- Experience with Spreadsheets and Data Analysis
- Successful track record in design of software systems to meet the current and future needs of a complex organization OR successful track record in design and implementation of IT Infrastructure and related hardware and software technologies to meet the current and future needs of a complex transportation organization.
- Strong Verbal/written communications skills
- Financial/budgeting planning and management experience a plus.
- Ability to fit in with the constant shifting needs and demands of the business Departments
Contracts/Vendor Management
- Contribute and own technical elements of RFPs and RFIs and negotiates with vendors on technical issues to ensure results are delivered in line with user and organization requirements.
- Manages contracts and expenses to ensure SLAs and contract renewals are processed timely
- Provide contract management support to ensure vendor deliverables are met
- Manage and lead major projects and assigned service providers with technical expertise to address mission critical issues, evaluates ongoing vendor service level and enforces SLAs and penalties.
Documentation
- Ensure detailed and updated documentation is in place for cybersecurity systems and user processes.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.
Guidance, Communications and Training Support
- Provides timely and relevant updates to appropriate stakeholders and decision makers
- Communicates investigation findings to relevant business units to help improve the information security posture
- Provides technical guidance to project managers and senior leadership on cybersecurity and technology strategies
- Ensure quality and review and guidance on tests of new systems and manage cybersecurity risks and remediation system testing, baseline, and best practices
- Provide escalation support to project teams in their area of expertise to promote technical understanding and talent development
- Provide guidance and take input from Analysts, Engineers, Architects and Technology Subject Matter Experts on cybersecurity and technology best practices, current threat landscape, and a risk management approach for optimal alignment
- Provides sound cybersecurity recommendations
Operations
- Provide leadership and advisement when necessary during incident response and provide continuous improvement updates to threat model for risks to the business and systems
- Ensure specific monitoring points are continually updated to assess performance of technologies in their domain(s). Identify and manage the necessary actions to ensure optimal performance and reliability.
Research & Analysis
- Validates and maintains incident response plans and processes to address potential threats
- Compiles and analyzes data for management reporting and metrics
- Research emerging technologies and process improvements to stay current and plan for evolving threat landscape to ensure strategy meetings current threats
- Monitors relevant information sources to stay up to date on current attacks and trends
- Ensure cybersecurity technology solutions meet strategy meets security framework objectives and business objectives
- Hypothesizes new threats and indicators of compromise
- Performs other duties and tasks
- Observing the work performed by the contractor
- Reviewing invoices and approving them if the work had contractual standards
- Addressing performance issues with the contractor when possible
- Escalating issues to other parties as needed
Qualifications:
Education and experience:
Experience
- Bachelor's Degree in Computer Science or related fields or equivalent experience. An equivalent combination of education and experience may be considered in lieu of degree.
- CISSP, CISM, or other advanced security-related certification preferred
- Certifications in technology subdomains preferred (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).
- A minimum of 4 plus years of relevant experience.
- Requires prior experience with installing, maintaining and troubleshooting technology systems.
- Experience in Project Management Principles (Waterfall and Agile) preferred.
Competencies
- Must possess a deep understanding of technology and cybersecurity domain principles.
- Proven ability to manage projects and initiatives.
- Proven ability to manage people.
- Proven ability to add value to a team.
- Understanding of Operating Systems, Cloud, Mobile, and Applications.
- Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
- Some Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
- Proficient in Productivity Tools (ie. Office 365, Gsuite).
- Experience with Spreadsheets and Data Analysis.
- Successful track record in design of software systems to meet the current and future needs of a complex organization OR successful track record in design and implementation of IT Infrastructure and related hardware and software technologies to meet the current and future needs of a complex transportation organization.
- Strong Verbal/written communications skills.
- Financial/budgeting planning and management experience a plus.
- Ability to fit in with the constant shifting needs and demands of the business Departments.
GENERAL :
- May need to work outside of normal work hours (i.e., evenings and weekends)
- Travel may be required to other MTA locations or other external sites
Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the "Commission").
CyberSecurity Officer Manager Identity and Privileged Access Management
-
Manager, Identity
4 weeks ago
New York, United States Capital One Full timeCenter 3 (19075), United States of America, McLean, VirginiaManager, Identity & Access ManagementCapital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of...
-
Director of Privileged Access Management
1 month ago
New York, New York, United States MatchPoint Full timeDirector of Privileged Access ServicesWe're seeking a seasoned leader to spearhead our Privileged Access Services (PAM) strategy, driving innovation and security across our digital landscape.Key Responsibilities:Develop and execute a comprehensive PAM strategy, incorporating scan/discovery, remediation, password management, automation, and resiliency.Design...
-
Identity and Access Management Specialist
7 days ago
New York, New York, United States CyberTec Full timeJob Title: IAM EngineerJob Summary:CyberTec is seeking a highly skilled Identity and Access Management (IAM) engineer to join our team. As a senior IAM engineer, you will be responsible for providing subject matter expertise for comprehensive Privileged Access Management (PAM) deployments in a large, distributed environment.Key Responsibilities:1. Deploy PAM...
-
Cybersecurity Engineer
2 weeks ago
New York, New York, United States rag & bone Full timeJob Title: Cybersecurity EngineerAt rag & bone, we're seeking a highly skilled Cybersecurity Engineer to join our team. As a key member of our security team, you'll play a crucial role in fortifying our organization against cyber threats.Key Responsibilities:Design, implement, and oversee a comprehensive cybersecurity framework to protect our infrastructure,...
-
New York, New York, United States DTG Consulting Solutions, Inc. Full timeJob SummaryWe are seeking a highly skilled Cybersecurity Engineer, Identity and Access Management to join our team at DTG Consulting Solutions, Inc. As a key member of our security team, you will be responsible for designing and implementing secure systems and processes to protect our organization's assets.Key ResponsibilitiesSecurity Engineering:...
-
New York, New York, United States Vantage Point Consulting Inc. Full timeJob DescriptionVantage Point Consulting Inc. is seeking a highly skilled Senior Manager, Cybersecurity Identity and Access Management to join our team. The successful candidate will be responsible for integrating Okta with other systems, applications, and services used within the Client environment.Key Responsibilities:Design, implement, and maintain the...
-
Cybersecurity Account Manager
2 weeks ago
New York, New York, United States Cybersecurity company Full timeJob OverviewWe are seeking a highly motivated and experienced Cybersecurity Account Manager to join our team. The successful candidate will be responsible for selling our Network Performance Monitoring and Application Performance Monitoring software products to Enterprise customers in the Tri-State territory.The ideal candidate will have a stable background,...
-
New York, New York, United States Five Cubes, Inc. Full timeJob Title: S enior Identity & Access Management EngineerJob Summary:The Five Cubes, Inc. team is seeking a seasoned Senior Identity & Access Management Engineer to provide subject matter expertise for comprehensive PAM deployments in a large, distributed environment.Key Responsibilities:Deploy the PAM solution to Windows and Linux servers, install session...
-
Director of Privileged Access Services
1 month ago
New York, United States MatchPoint Full timeWe’re Hiring! Director of Privileged Access Services (PAM) Location: HYBRID (2 days onsite required – must live within 50 miles of one of these locations):- Collegeville, PA- Bothell, WA- New York City, NY- Tampa, FL- Groton, CTRate: $100-$110/ hr⏳ Duration: 3-Month Contract to HireLooking for indvidulas whom are in Director and VP roles. Role...
-
Identity and Access Manager
1 month ago
New York, New York, United States Park National Bank Full timeJob SummaryWe are seeking a highly skilled Identity and Access Manager to join our team at Park National Bank. As a key member of our security team, you will be responsible for developing, implementing, and maintaining our Identity and Access Management (IAM) program.Key ResponsibilitiesDevelop and maintain an IAM program that aligns with the bank's strategy...
-
Senior Identity and Access Management Specialist
2 weeks ago
New York, New York, United States Hudson River Trading Full timeJob SummaryHudson River Trading (HRT) is seeking a highly skilled Senior Identity and Access Management (IAM) Specialist to join our Identity & Access Management (IAM) team. In this role, you will design and implement secure identity, authentication, and access control solutions that strategically impact HRT's global cyber security systems.Key...
-
New York, New York, United States TEPHRA Full timeJob DescriptionThe Director of Identity and Access Management Practice will be responsible for leading our Identity and Access Management (IAM) practice in North America. This role requires a strong leader with exceptional understanding and subject matter expertise in identity management strategies, including Single Sign On, Multifactor Authentication,...
-
Cybersecurity Engineer
2 weeks ago
New Bedford, Massachusetts, United States MITRE Full timeWhy choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work...
-
Cybersecurity Architect Position
7 days ago
New York, New York, United States Solomon Page Full timeWe are seeking a Cybersecurity Architect to join our Global Cybersecurity Architecture Center of Excellence. This role will involve developing and maintaining security frameworks and architectures, technical standards and guidelines across the security domains of identity, network infrastructure and endpoints.The successful candidate will work closely with...
-
Cybersecurity Manager
3 months ago
New York, United States Insero Talent Solutions Full timeInsero Talent Solutions is recruiting a Cybersecurity Manager for a manufacturing company in Rochester, NY.General ResponsibilitiesSafeguards information system assets by identifying and solving potential and actual security problems.Specific DutiesProtects system by defining access privileges, control structures, and resources.Recognizes problems by...
-
Enterprise Account Executive
2 weeks ago
New York, New York, United States Simeio Full timeJob Title: Enterprise Account ExecutiveWe are seeking a highly skilled Enterprise Account Executive to join our team at Simeio. As a key member of our sales team, you will be responsible for establishing and nurturing trusted relationships with enterprise accounts in the New York area.Key Responsibilities:Identify specific sales opportunities by engaging...
-
Cyber Security
4 weeks ago
New Bremen, OH, United States Crown Equipment Corporation Full time*Company Description:*Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world’s largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership.*Primary...
-
Identity Management Director
7 days ago
New York, New York, United States Aegistech Full timeAegistech is seeking a highly skilled Identity Management Director to lead our Identity and Access Management (IAM) initiatives. As a key member of our team, you will be responsible for designing, implementing, and maintaining our IAM solutions to ensure the security and integrity of our systems and data.Key Responsibilities:Develop and implement IAM...
-
Cybersecurity Architect
2 weeks ago
New York, New York, United States Solomon Page Full timeCybersecurity ArchitectSolomon Page is seeking a highly skilled Cybersecurity Architect to join our team. As a key member of our Global Cybersecurity Architecture Center of Excellence, you will be responsible for developing and maintaining security frameworks and architectures, technical standards and guidelines across the security domains of identity,...
-
Cybersecurity Architect
6 days ago
New York, New York, United States Solomon Page Full timeWe are seeking a highly skilled Cybersecurity Architect to join our Global Cybersecurity Architecture Center of Excellence. In this role, you will develop and maintain security frameworks and architectures, technical standards and guidelines across the security domains of identity, network infrastructure and endpoints.This position requires a deep...
