Job Title: Security Manager - Expert Task ID: HBITS-08-14870 Position Duration: 24 Months Client: State of NY Agency: Information Technology Services
Please call
(703) 466-0951 | (571) 351-1868 | (703) 348-3018 or email at
nysreqs@ilinksolutions.com
Description
Responsibilities include but not limited to the following: Develop and Implement
Security Strategy: Design, implement, and maintain a comprehensive cybersecurity strategy specifically tailored for IT/OT convergence in transportation systems. This includes risk assessments, vulnerability management, and incident response planning.
IT/OT Security Architecture: Oversee the design and implementation of secure IT/OT architectures, ensuring that security controls are integrated at all levels, from enterprise networks to industrial control systems (ICS) and SCADA environments.
Risk Management and Compliance: Conduct regular risk assessments of IT and OT systems, identify potential vulnerabilities, and develop mitigation strategies. Ensure compliance with relevant industry standards, regulations (e.g., TSA directives, NERC CIP if applicable, NIST frameworks), and best practices.
Threat Intelligence and Monitoring: Establish and manage a robust threat intelligence program to proactively identify and respond to emerging cyber threats targeting transportation infrastructure. Implement and oversee security monitoring tools and processes for both IT and OT environments.
Incident Response and Forensics: Develop and lead the incident response plan for cybersecurity events affecting IT/OT systems. Coordinate response efforts, conduct forensic investigations, and implement corrective actions to prevent recurrence.
Vulnerability Management: Implement and manage a comprehensive vulnerability management program for all IT and OT assets, including regular scanning, penetration testing, and patch management.
Security Awareness and Training: Develop and deliver cybersecurity awareness training programs for IT, OT, and operational staff, emphasizing the unique risks associated with IT/OT convergence.
Vendor and Third-Party Risk Management: Assess and manage the cybersecurity risks associated with third-party vendors and service providers who have access to or interact with IT/OT systems.
Collaboration and Stakeholder Management: Collaborate closely with IT, OT engineering, operations, and other relevant departments to ensure security is a core consideration in all system design, development, and operational activities. Communicate security risks and strategies effectively to senior management and stakeholders.
Budget Management: Develop and manage the cybersecurity budget for IT/OT convergence initiatives.
Stay Current: Continuously research and stay abreast of the latest cybersecurity threats, vulnerabilities, technologies, and best practices relevant to transportation and critical infrastructure.
Mandatory Qualifications| 1 | 84 months of experience in cybersecurity, with at least 3-5 years in a management or leadership role. |
| 2 | 84 months of experience in securing IT and OT environments, IT/OT convergence challenges and solutions specifically in the Transportation Systems Management and Operations. |
| 3 | 72 months of experience in developing and implementing cybersecurity strategies, policies, and procedures in IT and OT environments specifically in the Transportation Systems Management and Operations. |
| 4 | 60 months of experience with risk assessment methodologies and frameworks (e.g., NIST RMF, ISO 27001). |
| 5 | 60 months of experience with incident response, threat hunting, and digital forensics. |
| 6 | 60 months of experience with vulnerability management tools and processes. |
| 7 | 60 months of experience collaboration with cross-functional teams; and producing both written and verbal communication articulating security concepts to both technical and non-technical audiences |
| 8 | MUST hold at least one of these Certifications: **CISSP **CISM **GIAC **GICSP |
| Required Documentation | " Re sume
" Copy of Candidate Identification
(i.e., Driver's License/Green Card/Visa and Passport if applicable)
" Any documents referenced in the above Requested Qualifications
(i.e., professional certifications, degrees, etc.) |
Disclaimer: i-Link Solutions Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. We especially invite women, minorities, veterans, and individuals with disabilities to apply. EEO/AA/M/F/Vet/Disability