Cybersecurity Architect Levels 1-7 (Application Development & Security Tools)

Cybersecurity Architect Levels 1-7 (Application Development & Security Tools) Job ID: 1150Business Unit: MTA HeadquartersLocation: New York, NY, United StatesRegular/Temporary:Department: IT Cyber SecurityDate Posted: May 15, 2023Description Job Title: Cybersecurity Architect Levels 1-7 (Application Development & Security Tools) Salary Range: Level 1: $82,857 - $105,000 Level 2: $87,685 - $115,500

Level 3: $95,929 - $127,050

Level 4: $102,760 - $139,755

Level 5: $114,537 - $153,731

Level 6: $124,311 - $169,104

Level 7: $140,917 - $186,014HAS POINTS: Level 1 - 282 Level 2 - 323

Level 3 - 393

Level 4 - 451

Level 5 – 551

Level 6 – 634

Level 7 – 775Dept/Div: Office of IT Cyber Security Services Supervisor: Director Application SecurityLocation: 2 Broadway and other locations as requiredHours of Work: 9:00 AM -5:30 PM (7.5 hours/day) or as requiredIn order to protect our employees and continue to provide safe and reliable service to our communities, as of November 14, 2021 we are requiring all new MTA hires to be fully vaccinated against COVID-19 prior to their start date. MTA will consider exceptions for religious and medical reasons, where appropriate. “Fully vaccinated” means you must have both doses of a 2-dose vaccine and two weeks have elapsed since the second dose or have received 1 dose of a 1-dose vaccine and two weeks have elapsed since the dose. Proof of your vaccination status in the form of a CDC vaccine card must be submitted prior to your start date.The purpose of this position is to provide technical expertise in managing and analyzing cybersecurity risks. Cybersecurity Architect will be responsible for complex architecture of solutions to support Information and Operational Technology in a Cybersecurity context. This position works across multiple technology and cybersecurity domains to ensure cybersecurity is looked at holistically from user, data and component, and systems perspectives. This position considers all the security analyst and engineering disciplines for all technologies to ensure solutions meet strong standards when procured, built or configured. The position also considers all risk assessments, data driven analytics, and actively seeks to develop and maintain standards, reference architectures, and reduce risk of the MTA through emerging technologies and trends in the industry. The position will have seven (7) levels (including an internship level) which will require a combination of progressive experience, accomplishments, responsibilities, and/or education and may perform all or some of the responsibilities listed below depending on level.Levels 1 - 5 are Non-exemptLevels 6 – 7 are Administrative

Being a subject matter expert on several security domains related to information and operational technology with primary focus of meeting and improving cybersecurity standards and implementations

Research emerging technologies to stay current and plan for evolving threat landscape to ensure strategy meetings current threats

Ensure cybersecurity technology solutions meet strategy meets security framework objectives and business objectives

Provide guidance and take input from Analysts, Engineers, and Technology Subject Matter Experts on cybersecurity and technology best practices, current threat landscape, and a risk management approach for optimal alignment

Knowledge and practical implementation of secure system configuration and hardening standards

Provide leadership and advisement when necessary during incident response and provide continuous improvement updates to threat model for risks to the business and systems

Provides technology and security domain leadership in various technology areas

Provide review and guidance on tests of new systems and manage cybersecurity risks and remediation system testing, baseline, and best practices

Provides technical guidance to engineers, analysts, project managers and senior leadership on cybersecurity and technology strategies

Provides timely and relevant updates to appropriate stakeholders and decision makers

Communicates investigation findings to relevant business units to help improve the information security posture

Validates and maintains incident response plans and processes to address potential threats

Compiles and analyzes data for management reporting and metrics

Monitors relevant information sources to stay up to date on current attacks and trends

Analyzes potential impact of new threats and communicates risks back to detection analyst, architect, technology SME, and management functions

Uses judgment to form conclusions that may challenge conventional wisdom

Hypothesizes new threats and indicators of compromise

Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)

Identifies the tactics, techniques and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks

Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.

Maintains Cybersecurity Reference Architectures and Solutions for applying them

Maintains architectures and develop compensating controls for exceptions when needed

Revalidates systems to most recent reference architectures to determine gaps, develop and manage programs to align systems to newest standards and reference architectures

Level 1

Performs basic analysis while following established procedures to ensure security of systems, contractor, and/or process.

Assists in executing tests and reporting on system security parameters to support security of system, contractor, and/or vendor.

Performs basic troubleshooting and escalates issues as appropriate to ensure effective resolution of security baseline deviations and risks.

Creates basic documentation for cybersecurity systems and user processes

Participates on project teams, providing information and documentation and executing well defined changes under guidance to ensure the infrastructure, application meets cybersecurity established risk levels and organization needs

Assist in security reviews, identify gaps in security architecture, and assist in developing a security risk management plan.

Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.

Level 2

Performs analysis while following established procedures to ensure security of systems, contractor, and/or process.

Provides routine analysis on assigned technologies, following established procedures to ensure safety and security of systems, vendor performance, or processes.

Creates and reviews basic documentation as needed for cybersecurity systems internal processes

Reviews and correlates system logs to identify potential cybersecurity and technical issues.

Level 3

Provides proactive monitoring and analysis for a domain of the cybersecurity to ensure systems security baseline targets are met.

Implements changes to one or more cybersecurity related domain technologies, executing tests and reporting on security baselines, violations/anomalies, to meet requested needs.

Troubleshoot and investigate cybersecurity incidents and issues by analyzing a chain of events and applying technical knowledge following established procedures and standards to resolve immediate customer needs.

Maintains and updates existing documentation and standard operating procedures to ensure accurate and timely information is available for assigned systems.

Works with more experienced colleagues and other IT technical resources to improve coordination of cybersecurity requirements and analyze issues as they arise

Participate in the evaluation of new products and technologies, under the direction and guidance of senior colleagues, relevant to assigned cybersecurity area to enhance cybersecurity posture and reduce risk to the MTA while achieving objectives.

Assist in security reviews, identify gaps in security architecture, and develop a security risk management plan.

Level 4

Executes to the defined product lifecycle, manages the product lifecycle for a component of the infrastructure, proposes changes for implementation, gathers data and analyzes capacity and performance to assure operational availability.

Analyzes the current state of the infrastructure and identifies opportunities for improvement to ensure systems meet business needs. Contributes to changes to established roadmaps, documents them effectively and executes the implementation of changes in their area(s) of responsibility.

Provides ongoing support and troubleshooting for installed technical solutions by analyzing a chain of events and applying technical knowledge, following established procedures and standards to resolve immediate customer needs.

Investigates, evaluates, and tests new products and technologies relevant to assigned infrastructure subsets to enhance cybersecurity analytics and overall security posture. Implements and/or supports the implementation of new technologies for their area of the cybersecurity that affects infrastructure, applications and/or processes.

Promotes security standards and supports efforts to expand and migrate to future security architecture to improve security and share learning.

Develop/integrate cybersecurity designs for systems and networks with security requirements involving critical systems and/or the processing of classified data.

Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.

Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.

Assist with the process of performing application code reviews, system vulnerability assessments, and penetration testing to test the strength of the MTA computing environment.

Level 5

Provides more advanced analytical capability in several security domains.

Adds new components to a roadmap, documents them effectively, and directs the testing and implementation of changes.

When provided with an objective to improve security in their security domain(s) and related technology, develops and implements action plans needed to effect the change.

Research new technologies/products and their impact on the infrastructure, prepares a preliminary evaluation of technologies/products and associated costs, and develops and presents recommendations to support anticipated future business needs.

Receives security and performance data and analyzes the baselines and efficacy of installed technologies. Proposes and implements any required changes, including identifying and planning for any resulting impacts on other technologies to optimize system availability and continuity.

Provides ongoing support and troubleshooting for incidents, correlations and reporting to more junior analysts to resolve immediate security threats and/or customer needs.

Provides technical leadership to project teams in their area of expertise and/or leads teams to complete projects specific to their area(s) of expertise to maximize and share learning.

Provides guidance and technical coaching to less experienced staff to support effective workflow and develop technical talent.

Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.

Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.

Ensure that Applications follow security best practices and are integrated throughout the SDLC.

Level 6

Serves as a technical resource for multiple components of the security architecture, risk analysis, and analytics to help define the problems and identify remediation strategies for them.

Troubleshoots and analyzes most problems within assigned area(s), providing cybersecurity correlation, expertise, and resolution that may be complicated by technology interdependency and challenging security issues

Participates in planning for the future technical architecture, providing insight into the future of their area of technology in order to continually improve effectiveness and efficiency.

Participates in or leads the development of roadmaps related to their area(s) of expertise to manage and meet identified technology needs.

Participates in the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of MTA and constituent agencies.

Specifies the monitoring points to assess performance of technologies in their domain(s). Recommends the necessary actions to ensure optimal performance and reliability.

Develops disaster recovery and contingency plans for their domain(s) to provide users with minimal interruptions in service.

Provides technical leadership to project teams in their area of expertise to promote technical understanding and talent development and/or leads teams to complete projects when a project manager has not been assigned.

Contributes to the technical elements of RFPs and RFIs and negotiates with vendors on technical issues to ensure results are delivered in line with user and organization requirements.

Interacts with major providers at the technical expert level to address mission critical issues, evaluates ongoing vendor service level and enforces SLAs and penalties.

Level 7

Acts as a technical resource for multiple technologies, with vast knowledge of the capabilities and constraints of technologies supported to continually improve system effectiveness and efficiency.

+