Apital Inc.
Incident Response Analyst – Transit Operations Center
Description
Apital is seeking a proactive and skilled Incident Response Analyst to join its growing cybersecurity team supporting modern train control systems, including CBTC and PTC networks. This analyst will work within the Security Operations Center (SOC) to defend real-time rail communication systems and help contain cyber events that could impact public safety or service continuity.
The Incident Response Analyst handles cyber incidents affecting transit operations, from system outages to control system intrusions, ensuring minimal disruption to service and safety.
Responsibilities
Respond in real time to cyber threats impacting OT or enterprise systems.
Investigate and respond to anomalies or disruptions in CBTC and PTC communication systems, including data spoofing or jamming.
Analyze incident data from train control centers, base stations, and onboard subsystems.
Work with rail signal and telecom engineers to triage cyber-physical events affecting train movement or safety systems.
Perform forensic analysis on devices like onboard data recorders and train control PLCs following a security breach.
Investigate breaches of fare payment systems, control networks, or Wi-Fi systems.
Coordinate with physical security and transit police during joint cyber-physical threats.
Document incidents and create post-mortem reports with mitigation steps.
Required Skills/Knowledge
Familiarity with ICS/SCADA for rail operations.
Experience with log analysis, malware investigation, and forensics.
Knowledge of MITRE ATT&CK for ICS and NIST IR guidance.
Desired Skills/Knowledge
Bachelor’s degree or equivalent work experience.
3–5 years of incident response or SOC experience.
Certifications: GIAC (GCIH, GCFA), ECIH, or CISA.
401(k), 401(k) matching, disability insurance, employee assistance program, flexible spending account, health insurance.