Sound Transit
Manager - Information Security Engineering
Join to apply for the
Manager - Information Security Engineering
role at
Sound Transit
Salary range:
$104k to $206k with a midpoint of $155k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market.
Benefits:
Health Benefits: Two medical plan choices, dental and vision plans all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents.
Long-Term Disability and Life Insurance
Employee Assistance Program
Retirement Plans: 401(a) – 10% employee contribution with a 12% match by Sound Transit; 457(b) – up to IRS maximum (employee only contribution).
Paid Time Off: 25 days annually with increases at four, eight and twelve years of service. Higher accrual for director level and above. 12 paid holidays, up to 2 floating holidays and 2 volunteer days per year.
Parental Leave: 12 weeks for new parents
Pet Insurance discount
ORCA Card: All full-time employees receive an ORCA card at no cost.
Tuition Reimbursement: Up to $5,000 annually for approved tuition expenses.
Inclusive Reproductive Health Support Services
Work‑life balance, professional development opportunities and recognition from colleagues.
General Purpose Under general direction the Information Security Engineering Manager oversees and operates several essential Information Security functions, including Security Engineering and information security tool management. The role supports service owners, system owners, and stakeholders to ensure systems are compliant with the agency’s information security standards. The manager also supports the operations of other functions of the Agency’s Information Security Management System (ISMS).
Essential Functions
Serves as Service Owner for related Information Security Engineering services.
Supports Information Security Architecture and Security Operations services.
Manages personnel for the Information Security Engineering components.
Provides guidance to technical professionals in the Security Engineering functions.
Participates in the implementation of the agency’s information security program.
Participates in the creation of governance documents (policies, standards, baselines, guidelines, procedures).
Identifies and assesses technology‑related risks and recommends mitigating controls.
Influences design of prospective technology solutions in accordance with agency standards.
Evaluates, implements, and supports security‑focused tools and services.
Collaborates with other IT engineering and administration disciplines to incorporate security best practices.
Consults with internal customers on risk assessment, threat modeling, and vulnerability mitigation.
Conducts security assessments, evaluates controls, and provides feedback to management and system owners.
Performs regular security reviews of software and processes, produces threat models, and recommends enhancements.
Participates in ongoing information security education, awareness, and outreach activities.
Participates in incident investigation and response efforts, leading when needed.
Participates in computer and network forensic investigations.
Prepares regular reports on relevant metrics for stakeholders.
Coaches, manages, mentors, and develops staff.
Maintains up‑to‑date professional skills and knowledge of latest security threats and countermeasures.
Champions and models Sound Transit’s core values and demonstrates value‑based behaviors.
Contributes to a culture of diversity, equity, and inclusion in alignment with the equity and inclusion policy.
Follows agency safety rules, regulations, and procedures in all duties.
Integrates sustainability into everyday business practices.
Other duties as assigned.
Minimum Qualifications
Bachelor’s degree in Computer Science, Information Technology, Business Administration, Engineering, or closely related field.
Five years of information technology experience focused on security engineering and operations, or equivalent combination of education and experience.
Three years of leadership, budgetary, planning and workforce management experience.
Required Licenses or Certifications
Certified Information Systems Security Professional (CISSP), or obtain within 12 months of hire.
Preferred Licenses or Certifications
Certified Information Security Manager (CISM)
Information Technology Infrastructure Library (ITIL)
Certified Ethical Hacker (CEH)
Certified Cyber Forensics Professional (CCFP)
GIAC Certified Incident Handler (GCIH)
Required Knowledge and Skills
Strong command of ITIL core processes and principles.
Strong command and experience with information security architecture and engineering principles.
General knowledge of the NIST 800 series, PCI DSS, and ISO 27001/2 frameworks.
Experience in Information Security, Security Architecture, Security Engineering, or Security Operations.
Understanding of information technology and security controls.
Experience with security-related technologies, systems, and tools.
Proficiency in MS Office (Project, Word, Excel, PowerPoint, SharePoint).
Strong team leadership and verbal/written communication skills.
Ability to work in highly collaborative environments.
Strong workload prioritization and self‑organization skills.
Strong project management skills.
Preferred Knowledge and Skills
Understanding of Cloud Computing environments (Microsoft Azure preferred).
Physical Demands / Work Environment
Hybrid office environment.
Requires communication with stakeholders and use of specialized security tools; may involve bending, hearing, sitting, standing, talking, seeing, and lifting up to 25 lbs.
Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training.
Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.
Seniority Level Mid‑Senior level
Employment Type Full-time
Job Function Information Technology
#J-18808-Ljbffr
Manager - Information Security Engineering
role at
Sound Transit
Salary range:
$104k to $206k with a midpoint of $155k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market.
Benefits:
Health Benefits: Two medical plan choices, dental and vision plans all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents.
Long-Term Disability and Life Insurance
Employee Assistance Program
Retirement Plans: 401(a) – 10% employee contribution with a 12% match by Sound Transit; 457(b) – up to IRS maximum (employee only contribution).
Paid Time Off: 25 days annually with increases at four, eight and twelve years of service. Higher accrual for director level and above. 12 paid holidays, up to 2 floating holidays and 2 volunteer days per year.
Parental Leave: 12 weeks for new parents
Pet Insurance discount
ORCA Card: All full-time employees receive an ORCA card at no cost.
Tuition Reimbursement: Up to $5,000 annually for approved tuition expenses.
Inclusive Reproductive Health Support Services
Work‑life balance, professional development opportunities and recognition from colleagues.
General Purpose Under general direction the Information Security Engineering Manager oversees and operates several essential Information Security functions, including Security Engineering and information security tool management. The role supports service owners, system owners, and stakeholders to ensure systems are compliant with the agency’s information security standards. The manager also supports the operations of other functions of the Agency’s Information Security Management System (ISMS).
Essential Functions
Serves as Service Owner for related Information Security Engineering services.
Supports Information Security Architecture and Security Operations services.
Manages personnel for the Information Security Engineering components.
Provides guidance to technical professionals in the Security Engineering functions.
Participates in the implementation of the agency’s information security program.
Participates in the creation of governance documents (policies, standards, baselines, guidelines, procedures).
Identifies and assesses technology‑related risks and recommends mitigating controls.
Influences design of prospective technology solutions in accordance with agency standards.
Evaluates, implements, and supports security‑focused tools and services.
Collaborates with other IT engineering and administration disciplines to incorporate security best practices.
Consults with internal customers on risk assessment, threat modeling, and vulnerability mitigation.
Conducts security assessments, evaluates controls, and provides feedback to management and system owners.
Performs regular security reviews of software and processes, produces threat models, and recommends enhancements.
Participates in ongoing information security education, awareness, and outreach activities.
Participates in incident investigation and response efforts, leading when needed.
Participates in computer and network forensic investigations.
Prepares regular reports on relevant metrics for stakeholders.
Coaches, manages, mentors, and develops staff.
Maintains up‑to‑date professional skills and knowledge of latest security threats and countermeasures.
Champions and models Sound Transit’s core values and demonstrates value‑based behaviors.
Contributes to a culture of diversity, equity, and inclusion in alignment with the equity and inclusion policy.
Follows agency safety rules, regulations, and procedures in all duties.
Integrates sustainability into everyday business practices.
Other duties as assigned.
Minimum Qualifications
Bachelor’s degree in Computer Science, Information Technology, Business Administration, Engineering, or closely related field.
Five years of information technology experience focused on security engineering and operations, or equivalent combination of education and experience.
Three years of leadership, budgetary, planning and workforce management experience.
Required Licenses or Certifications
Certified Information Systems Security Professional (CISSP), or obtain within 12 months of hire.
Preferred Licenses or Certifications
Certified Information Security Manager (CISM)
Information Technology Infrastructure Library (ITIL)
Certified Ethical Hacker (CEH)
Certified Cyber Forensics Professional (CCFP)
GIAC Certified Incident Handler (GCIH)
Required Knowledge and Skills
Strong command of ITIL core processes and principles.
Strong command and experience with information security architecture and engineering principles.
General knowledge of the NIST 800 series, PCI DSS, and ISO 27001/2 frameworks.
Experience in Information Security, Security Architecture, Security Engineering, or Security Operations.
Understanding of information technology and security controls.
Experience with security-related technologies, systems, and tools.
Proficiency in MS Office (Project, Word, Excel, PowerPoint, SharePoint).
Strong team leadership and verbal/written communication skills.
Ability to work in highly collaborative environments.
Strong workload prioritization and self‑organization skills.
Strong project management skills.
Preferred Knowledge and Skills
Understanding of Cloud Computing environments (Microsoft Azure preferred).
Physical Demands / Work Environment
Hybrid office environment.
Requires communication with stakeholders and use of specialized security tools; may involve bending, hearing, sitting, standing, talking, seeing, and lifting up to 25 lbs.
Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training.
Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.
Seniority Level Mid‑Senior level
Employment Type Full-time
Job Function Information Technology
#J-18808-Ljbffr