IT Manager - Cybersecurity Office

Basic Function

Manages the analysis, design, development, testing, documentation and implementation of information and network security solutions, global security policies, standards, guidelines and procedures to ensure ongoing maintenance and security.  Leads and manages the day-to-day activities of the cybersecurity team.  Coordinates the analysis and design of automated security monitoring and alert systems.  Assists the Chief Information Security Officer in ensuring that cybersecurity programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risks and audit findings. Performs duties in a safe efficient manner and in compliance with all applicable rules and safety procedures.

Responsibilities and Specific Duties

• Performs personnel administrative functions of direct report staff (e.g. training, supervising, work assignments, timesheets, performance evaluations, etc.) for the purpose of enhancing productivity of staff and ensuring necessary department outcomes are achieved.
• Protects system by defining access privileges, control structures, and resources for Windows and Linux environments as well as performs investigations and documenting of cybersecurity incidents
• Monitors secure computing environment ensuring operational processes for PCI and HIPAA.
• Creates and manages the annual Cybersecurity Awareness Training program as well as using technology to test the effectiveness of the annual training and quarterly follow-ups.
• Works directly with the Chief Information Security Officer in managing the risk-based process for vendor risk management, including the assessment and treatment for risks that may result from internal customers, consultants and service providers
• Manages multiple complex cybersecurity projects, maintains project schedules and budgets.
• Collaborates with other team members to facilitate troubleshooting and recommendations.
• Effectively communicates technical information, analyzes and problem solves a variety of cybersecurity issues.
• Examines impact of new technologies on the Authority’s overall cybersecurity program, and establishes processes to review implementation of new technologies to ensure security compliance
• Manages the tracking of all information technology and security related audits including scope of audits, timelines, auditing agencies and outcomes. 
• Provides regular reporting on the current status of the information security program to the Chief Information Security Officer
• Conforms to internal change control procedures and industry standard best practices.
• Provides excellent customer service to METRO internal and external customers.
• Applies SMS (Safety Management System) methods and principles in daily routine and supports all aspects of the agency’s Public Transportation Agency Safety Plan (PTASP).
• Promotes safety awareness and follows safety procedures to reduce or eliminate accidents.
• Performs other job-related duties as assigned.
  Pay Range: $106,600 - $142,600

Education Requirement

Bachelor’s degree in Computer Science or a related field is required.

Years & Experience Required

Minimum six (6) years’ experience with IT security technologies, security standards and best practices in Information Security; to include three (3) years’ supervisory/lead experience. PCI and internal/external audits, CobiT, ITIL, ISO 27001 experiences preferred.

Knowledge & Skills Required

Comprehensive knowledge of government and regulatory agency policies/procedures from a security and audit perspective. Knowledge of technological trends and developments in the area of cybersecurity, risk management and security approaches that support the operational processes for PCI is required. Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) is required. If not CISSP/CISM certified, coursework towards CISSP/CISM is required, with the ability to obtain final certification to progress to the next security level.

Additional Information

The Metropolitan Transit Authority of Harris County, Texas has a zero tolerance drug and alcohol policy for all employees. All internal and external applicants will be required to undergo drug testing before employment and will be subject to further drug and/or alcohol testing throughout their employment.

Further, employees who perform safety-sensitive functions will submit to drug and/or alcohol testing in accordance to the Department of Transportation (DOT) and the Federal Transit Administration (FTA) regulatory requirements.

We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, sex, national origin, veteran status, genetic information or disability.