Vacancy expired!
Your success is a train ride away.
Amtrak connects businesses and communities across the country and we move America's workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is the result of our employees. Are you ready to join our team?

Our values of Do the Right Thing, Excel Together and Put Customers First are at the heart of what matters most to us, and our Core Capabilities, Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security, are what every employee needs to know and do to be most impactful at Amtrak.

SUMMARY OF DUTIES:
The Senior Principal Cybersecurity Zero Trust Engineer embodies security-first principles, constantly assesses the threat landscape, and adapts quickly to manage enterprise risk as well as technology integration and deployment requirements. This is a rare opportunity to help build a modern cybersecurity program at a legacy company. You will be part of a growing Cyber Engineering team, which is responsible for providing cyber defense mitigations across three critical infrastructure sectors: Transportation, Energy and Emergency Services. This role will be responsible for championing security operations requirements, transforming design into operational platforms, and engineering cyber resilience through cyber defense deployments, integrations, optimization, calibration, and the overall management of the cyber defense ecosystem to support full-spectrum security operations.

ESSENTIAL FUNCTIONS:
As a Senior Principal Cybersecurity Zero Trust Engineer you will:
- Serve as the technical lead for complex cyber engineering projects as established by the service owner.
- Serve as a service offering lead for security technologies in support of the service owner and the cybersecurity strategic plan.
- Champion security operations requirements.
- Transform design into functional operational requirements.
- Be responsible for the deployment, integration, optimization, calibration, and management of your cyber defense service pillar.
- Remain current on cyber security trends, evaluate new technology, provide recommendations to reduce or mitigate security threats.
- Translate business requirements to technical solutions, identify cyber risk and recommend solutions.
- Provide cross-functional support and advisory to governance, risk, and compliance (GRC), enterprise/solution and cybersecurity architecture, and IT/OT service teams.
- Develop technical product documentation for cyber defense toolsets.
- Develop standard operating procedures for cyber defense toolsets.
- Develop and design process engineering workflows for cyber defense toolsets.
- Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related field plus 9+ years of relevant experience required.
- In lieu of a degree, 13+ years of relevant work experience required to satisfy the combined education and experience requirement: systems/security engineering, systems administration, network or cloud security, cyber security analyst, penetration testing, security operations center, or incident response.
- 5+ years' experience as technical lead for projects for medium to large enterprises
- 3+ years' experience as technical lead for operational teams
- Professional working experience with at least one of Python, PowerShell, or Bash/shell scripting for task automation or tool creation.
- Proven ability to clearly document and communicate security findings, prioritize key risks to the business and recommend solutions to leadership.
- Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
- Familiarity with Zero Trust (ZT) architectures and zero trust best practices, and experience with ZT vendor products and solutions such as SOAR, identity, and SIEM platforms. Works with internal stakeholders to plan and implement complex Zero Trust solutions.
- Deep understanding of adversary tactics, techniques, procedures, and tools.
- Deep understanding of one or more of: OWASP, CVSS, MITRE ATT&CK, MITRE SHIELD/ENGAGE/D3FEND frameworks, Security Development Lifecycle (SDL), Threat Modeling (Microsoft STRIDE).
- Familiarity with NIST SP 800-160 Vol. 2, Developing Cyber-Resilient Systems.
- Experience managing a security ecosystem consisting of SIEM/SOAR, EDR/AV, CASB, IDS/IPS, DLP, UEBA, FW, IAM/SSO, and similar technologies.
- Experience working with Microsoft Sentinel, Logstash, or Security Information and Event Management (SIEM) systems (e.g., Splunk, Elasticsearch, ArcSight, QRadar, SumoLogic, LogRhythm).
- Experience managing cyber defense infrastructure in Cloud environments.
- Experience with Terraform or other infrastructure as code (IaC) tooling.
- Experience with Cloud Platform Security (Azure, AWS, Salesforce), API security, application security, microservices, Kubernetes, Docker or distributed tracing.
- Experience with Microsoft 365 Defender.
- Experience with EDR (Endpoint Detection and Response), CASB (Cloud Access Security Broker), email security, Data Loss Prevention (DLP), anti-virus, and identity management.
- Experience with Microsoft Sentinel Notebooks or Security Orchestration, Automation and Response (SOAR) tools.
- One or more Microsoft security certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Microsoft Certified: Identity and Access Administrator Associate (SC-300), Microsoft Certified: Information Protection Administrator Associate (SC-400).
- One or more cloud certifications: Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Certified: Azure Administrator Associate (AZ-104), Microsoft Certified: Azure Solutions Architect Expert (AZ-303/AZ-304), AWS Certified Security, AWS Certified Solutions Architect, AWS Certified Advanced Networking.
- Master's degree in Information Technology, Cybersecurity, or equivalent
- 11+ years of experience in cybersecurity engineering specialization.
- Basic knowledge of Operational Technology (OT), SCADA, HVAC and/or IoT.
- One or more cybersecurity certifications: GPYC, GRID, GCIH, GCWN, GCDA, GDSA, GDAT, GCED, GCFA, GCFE, GCTI, GMON, OSCP, OSCE, OSWP, OSEP, OSWE, CEH, CHFI, etc.
- Must have excellent oral and written communication skills.