Information Technology (IT) Security Administrator

at  Hampton Roads Transit

Hampton Roads Transit is looking for dynamic, customer service oriented, and energetic people to become part of a committed team providing excellent and effective public transportation to the Hampton Roads region. In addition to rewarding careers and professional development opportunities, we offer unmatched benefits and competitive wages in a stimulating environment that will provide you with the flexibility and training tools to grow.

The IT Security Administrator will be hands-on and responsible for management of HRT’s information security and compliance related activities including the following:

• Utilizing a risk-based approach to manage information security related aspects of HRT’s business.
• Assuring compliance with information security, privacy and industry standards and regulations.
• Maintaining the process of establishing reasonable organization security and privacy defaults.
• Implementing the NIST Cybersecurity Framework within the organization to improve cyber resilience.

This role is responsible for ensuring HRT’s systems are secure, ensuring we are complying with data privacy regulatory practices and risk auditing.

REQUIRED KNOWLEDGE, ABILITIES AND SKILLS ESSENTIAL TO JOB FUNCTIONS:

• Demonstrated Experience in Network Engineering.
• Certification in CompTIA Security +.
• Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) Certification, SANS Certifications, or comparable certifications preferred.
• Familiarity with general business practices, a wide range of software and hardware applications
• Experience in establishing cybersecurity and risk metrics for reporting.
• Ability to effectively present information and respond to questions from senior management, groups of managers, clients and internal and external customers
• Ability to troubleshoot and solve problems quickly and completely.
• Ability to handle multiple tasks simultaneously and meet multiple deadlines.
• Excellent written and verbal communication skills.

TRAINING AND/OR EDUCATION:

BS or higher in Computer Science, Information Technology Systems or related field.

REQUIRED EXPERIENCE:

5-10 years in Information Technology field, 2+ years in IT Security Lead role, Leadership/Management experience preferred.

SPECIAL REQUIREMENTS:

This position is classified as essential personnel. Onsite position.

The IT Security Administrator will be hands-on and responsible for management of HRT’s information security and compliance related activities including the following:

• Utilizing a risk-based approach to manage information security related aspects of HRT’s business.
• Assuring compliance with information security, privacy and industry standards and regulations.
• Maintaining the process of establishing reasonable organization security and privacy defaults.
• Implementing the NIST Cybersecurity Framework within the organization to improve cyber resilience

(Duties listed are not intended to be all inclusive nor to limit duties that might reasonably be assigned.)

• Responsible for creating and executing strategies to improve the reliability and security of IT information, systems, infrastructure, networks, communications, and programs.
• Works with CIO/CTO to define, implement and maintain corporate information and operations technology security policies and procedures.
• Own the entire IT audit process for SOC & PCI reporting across the enterprise.
• Working knowledge with industry standards such as HIPAA, ITIL, NIST, SANS, COBIT, OWASP, and ISO.
• Responsible for leading vulnerability audits, forensic investigations and mitigation procedures.
• Responds immediately to security-related incidents, leads response team, and provides post-event analysis.
• Acts as a key liaison between Technology management, staff, risk assessment efforts, and auditors.
• Develops and ensures organization-wide training in security awareness, protocols and procedures.
• Ensures compliance regarding staff security and appropriate security needs.
• Responsible for assessing, testing, selecting, and implementing new security products and technologies.
• Prepare cost estimates, budgets, and identifies integration issues.
• Evaluate new cybersecurity threat and IT trends and develop effective security controls.
• Evaluate potential security breaches, coordinate response, and recommend corrective actions.
• Maintain current knowledge of industry and regulatory trends and developments for the enterprise technology.
• Demonstrate experience with sensitive and/or confidential data.
• Hands-on experience in driving/leading technical efforts.
• Strong background in information technology operations and development.
• Demonstrate a clear understanding of the challenges of information security.
• Demonstrate excellent analytical and problem-solving abilities to identify and fix security risks.
• Manage records created and received in compliance with the Hampton Roads Transit Records Management Policy and Procedures.
• Responsible for maintaining a general awareness of HRT’s EMS
• Responsible for handling all related job responsibilities in accordance to HRT’s Environmental Policy, relevant EMS Standard Operating Procedures, and Emergency Management Pla