NYC Staffing
Cybersecurity Officer- Application Security
NYC Staffing, New York, New York, United States, 10001
Cybersecurity Officer- Application Security
The purpose of this position is to provide technical leadership and management of MTA's cybersecurity program in one or more technical domains. This role deals with both internal and external threats to the MTA systems, which can affect the safety of employees and customers, system integrity, and operational availability. As part of managing the program, the Cybersecurity Officer will need expertise in managing a complex program with highly skilled staff, contracts, and processes associated with risk management that are essential to maintaining electronic and physical safety for MTA's business in all areas that utilize technology. Responsibilities: Managing and developing staff, technology, and processes to reduce risk with the evolving cyber threat landscape. Working across multiple technology and cybersecurity domains to ensure cybersecurity is looked at holistically. Considering all risk assessments, data-driven analytics, and developing standards, reference architectures, and reducing the risk of the MTA through emerging technologies. Having expertise in one or more domains of technology and effective management. Specific expertise and skills in the domain of application security are required to improve MTA Cybersecurity delivery in the domains of application code development, rapid application coding, DevSecOps, and accommodate the strategic change the Agile Product Management team is currently implementing. Critical Skills: Cybersecurity expertise Application security knowledge Coding and development skills Security architecture Secure development lifecycle (SDLC) Security testing tools Incident response Security policies and procedures Knowledge of application security architecture, Zero-trust architecture, and application security governance Expertise with the selection, configuration, integration, and management of application security testing tools Understanding of DevOps tools Leadership: Provide leadership to a strong talent pool of technical professionals Lead a team of multi-functional technical staff planning, building, and maintaining cybersecurity tools Lead others, as appropriate, and when necessary, that will consist of one or more agile coaches, data analytics researchers, and other cybersecurity personnel Provide direction on evaluation, selection, implementation, and maintenance of cybersecurity tools Leads teams to complete projects when a project manager has not been assigned Attained significant achievements managing technical teams, contractors, and vendors Human Resource Management: Attract, develop, coach, and retain high-performance team members Build staff expertise and competence to meet evolving demands Financial Management: Demonstrate consistent understanding of funding, communications, and systems Collaborate with IT Business Management Services to identify procurement contracts Strategy & Planning: Assess and make recommendations on the improvement and re-engineering within the IT Department Promote the use of employee self-service and mobile connectivity within products Recommend automation of business processes to reduce reliance on manual approvals Acquisition & Deployment: Coordinate and facilitate consultation with stakeholders to define business and systems requirements Provide direction on evaluation, selection, implementation, and maintenance of information systems Advises MTA IT management on changing trends and emerging technology Directs the development of the analysis required to determine if Information Technology projects should follow a "Build" or "Buy" methodology Manages the development and implementation of new modules within assigned products Management and Oversight: Participates in overall business planning Responsible for leading and reporting on various product progress and deliverables Ensure continuous delivery of product services through oversight of service level agreements Responsible for the recruitment, development, motivation, training, and retention of a diverse and high performing multi-level IT/OT team Develop business case justifications and cost/benefit analyses for IT spending and initiatives Cybersecurity Officer-Specific Accountabilities: Planning Architecture Contracts/Vendor Management Documentation Guidance, Communications, and Training Support Operations Research & Analysis Qualifications: Bachelor's degree required, preferably in Computer Science or related fields Minimum of 5 plus years of relevant experience CISSP, CISM, or other advanced security-related certification preferred Certifications in technology subdomains preferred Experience in Project Management Principles (Waterfall and Agile) preferred Deep understanding of technology and cybersecurity domain principles Proven ability to manage projects and initiatives Proven ability to manage people Understanding of Operating Systems, Cloud, Mobile, and Applications Some scripting or programming skills preferred Knowledge of programming languages, frameworks, databases, and software engineering is a must Proficient in Productivity Tools (i.e., Office 365, Gsuite) Experience with Spreadsheets and Data Analysis Strong Verbal/written communication skills Financial/budgeting planning and management experience is a plus Ability to fit in with the constantly shifting needs and demands of the business
The purpose of this position is to provide technical leadership and management of MTA's cybersecurity program in one or more technical domains. This role deals with both internal and external threats to the MTA systems, which can affect the safety of employees and customers, system integrity, and operational availability. As part of managing the program, the Cybersecurity Officer will need expertise in managing a complex program with highly skilled staff, contracts, and processes associated with risk management that are essential to maintaining electronic and physical safety for MTA's business in all areas that utilize technology. Responsibilities: Managing and developing staff, technology, and processes to reduce risk with the evolving cyber threat landscape. Working across multiple technology and cybersecurity domains to ensure cybersecurity is looked at holistically. Considering all risk assessments, data-driven analytics, and developing standards, reference architectures, and reducing the risk of the MTA through emerging technologies. Having expertise in one or more domains of technology and effective management. Specific expertise and skills in the domain of application security are required to improve MTA Cybersecurity delivery in the domains of application code development, rapid application coding, DevSecOps, and accommodate the strategic change the Agile Product Management team is currently implementing. Critical Skills: Cybersecurity expertise Application security knowledge Coding and development skills Security architecture Secure development lifecycle (SDLC) Security testing tools Incident response Security policies and procedures Knowledge of application security architecture, Zero-trust architecture, and application security governance Expertise with the selection, configuration, integration, and management of application security testing tools Understanding of DevOps tools Leadership: Provide leadership to a strong talent pool of technical professionals Lead a team of multi-functional technical staff planning, building, and maintaining cybersecurity tools Lead others, as appropriate, and when necessary, that will consist of one or more agile coaches, data analytics researchers, and other cybersecurity personnel Provide direction on evaluation, selection, implementation, and maintenance of cybersecurity tools Leads teams to complete projects when a project manager has not been assigned Attained significant achievements managing technical teams, contractors, and vendors Human Resource Management: Attract, develop, coach, and retain high-performance team members Build staff expertise and competence to meet evolving demands Financial Management: Demonstrate consistent understanding of funding, communications, and systems Collaborate with IT Business Management Services to identify procurement contracts Strategy & Planning: Assess and make recommendations on the improvement and re-engineering within the IT Department Promote the use of employee self-service and mobile connectivity within products Recommend automation of business processes to reduce reliance on manual approvals Acquisition & Deployment: Coordinate and facilitate consultation with stakeholders to define business and systems requirements Provide direction on evaluation, selection, implementation, and maintenance of information systems Advises MTA IT management on changing trends and emerging technology Directs the development of the analysis required to determine if Information Technology projects should follow a "Build" or "Buy" methodology Manages the development and implementation of new modules within assigned products Management and Oversight: Participates in overall business planning Responsible for leading and reporting on various product progress and deliverables Ensure continuous delivery of product services through oversight of service level agreements Responsible for the recruitment, development, motivation, training, and retention of a diverse and high performing multi-level IT/OT team Develop business case justifications and cost/benefit analyses for IT spending and initiatives Cybersecurity Officer-Specific Accountabilities: Planning Architecture Contracts/Vendor Management Documentation Guidance, Communications, and Training Support Operations Research & Analysis Qualifications: Bachelor's degree required, preferably in Computer Science or related fields Minimum of 5 plus years of relevant experience CISSP, CISM, or other advanced security-related certification preferred Certifications in technology subdomains preferred Experience in Project Management Principles (Waterfall and Agile) preferred Deep understanding of technology and cybersecurity domain principles Proven ability to manage projects and initiatives Proven ability to manage people Understanding of Operating Systems, Cloud, Mobile, and Applications Some scripting or programming skills preferred Knowledge of programming languages, frameworks, databases, and software engineering is a must Proficient in Productivity Tools (i.e., Office 365, Gsuite) Experience with Spreadsheets and Data Analysis Strong Verbal/written communication skills Financial/budgeting planning and management experience is a plus Ability to fit in with the constantly shifting needs and demands of the business