You are viewing a preview of this job. Log in or register to view more details about this job.

Cybersecurity Architect in NYC (onsite) with MTA

SDVO Tech
Email

Job Title: Cybersecurity Architect

Pay Rate: $65/Hourly

Required Hours/Week: 40

Location: New York City, NY, 10004 (Onsite)

Remote Job: No

Job Start Date: ASAP

Experience: 10-20 Years

Position Type: Contract

Primary Skills: active directory, OSPF, BGP, Cisco ISE, SONET, Stealthwatch, DWDM, Nozomi, Gigamon

Interview Type: Phone followed In-Person

 

Description 

The Metropolitan Transportation Authority (MTA) Agency Cyber Resources Project: onsite consultants at various NY-area locations who can assist the MTA Operational Technology (OT) groups in supporting new and ongoing MTA cybersecurity projects.

 

Background

The MTA has a vast network of transportation infrastructure spanning the New York City Metropolitan service area, southern portions of New York, Long Island, and segments of New Jersey and Connecticut. This transportation infrastructure includes a large network of underground and under-river subway, rail, and vehicular tunnels; elevated subway and rail structures; rail yards and bus depots; subway, rail, bus stations, and maintenance facilities.

 

MTA OT Groups

MTA agency OT groups are primarily responsible for Industrial Control Systems (ICS) that manage, monitor, and control the operations of critical infrastructure. These types of specialized technologies are required to meet safety, performance, security, reliability, and operational requirements.

 

Responsibilities: 

  • Assemble a vendor vetted and pre-screened team of onsite consultants to support new and ongoing MTA OT cybersecurity projects at MTA agencies
  • Develop a process so the consultants can be deployed to agencies quickly and efficiently, based on need and skillset
  • Track and monitor all assigned cybersecurity work/projects/directives and provide regular updates to leadership

Required/Desired/Highly desired Skills: 

  • BGP, OSPF and Switching (Cisco) (Required)
  • Network Segmentation and Isolation (Required)
  • Virtualization and Infrastructure (Vmware, Virtual Switches) (Required)
  • Authentication, Authorization, and Accounting (AAA)   (Required)
  • Containment/Protection Tools for OT Environments (Forescout)   (Required)
  • DWDM and SONET (Required)
  • Knowledge of Physical Access Control Systems   
  • Knowledge of Video Management Systems   
  • Knowledge of Endpoint Credential Management
  • Knowledge of Active Directory and Windows Server Administration and Hardening   
  • Knowledge of Cisco ISE/Stealthwatch   
  • Knowledge of Vulnerability and Patch Management   
  • Knowledge of Privileged Access Management
  • Knowledge of Cybersecurity Incident Response Plan/Program
  • Knowledge of Threat Detection and Vulnerability Assessments
  • Knowledge of Implementing Deception Technology (Honeypot/Honeynets)
  • Data Analysis (Nice to Have)
  • Knowledge of Nozomi maintenance and management   
  • Knowledge of TDI administration and management   
  • Knowledge of Gigamon maintenance and management experience