Sound Transit

Salary range is $125k to $230k, with a midpoint of $170k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market.

Sound Transit also offers a competitive benefits package with a wide range of offerings, including:

• Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner.
• Long-Term Disability and Life Insurance.
• Employee Assistance Program.
• Retirement Plans: 401a – 10% of employee contribution with a 12% match by Sound Transit; 457b – up to IRS maximum (employee only contribution).
• Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year.
• Parental Leave: 12 weeks of parental leave for new parents.
• Pet Insurance.
• ORCA Card: All full-time employees will receive an ORCA card at no cost.
• Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses.
• Compensation Practices: We offer competitive salaries based on market rates and internal equity. In addition to compensation and benefits, you’ll find that we provide work-life balance, opportunities for professional development and recognition from your colleagues.

GENERAL PURPOSE: 

Under general direction from the Chief Information Security Officer, the Deputy Director - Information Security Architecture & Engineering performs at a senior professional level to secure the agency’s information and technology systems by playing a key role in the strategic and operational components of the information security program. This role defines the technical strategy and supporting architecture of the security controls required by the agency’s information security management system (ISMS), as well as developing the necessary security standards, policies, and procedures required to implement administrative security controls.

The Deputy Director of Information Security Architecture and Engineering plays a key role in the strategic and operational components of the Information Security Program, acting as a strong partner to system owners agency-wide, and providing collaborative leadership and extensive subject matter expertise to assist in the development of adequate security controls and risk mitigation strategies for their respective systems. This role aligns strategic goals and objectives with decisions regarding products and services, technologies, partners and suppliers, organization, capabilities, and key agency and Information Security initiatives. 

The Deputy Director of Information Security Architecture and Engineering works to develop an integrated view of the security controls in place throughout the organization using a repeatable approach, cohesive framework, and alignment with industry standards and best practices. The Deputy Director of Information Security Architecture and Engineering is responsible for operation and oversight of the “Security Engineering and Infrastructure Security” and SecOps functions of the Information Security Division, and for the mentoring and professional development of the Division’s technical staff.

ESSENTIAL FUNCTIONS:

The following duties are a representative summary of the primary duties and responsibilities. Incumbent(s) may not be required to perform all duties listed and may be required to perform additional, position-specific duties.

• Manages people, budget, programs, and strategy for the Information Security Architecture, Security Engineering and Security Operations components of the Information Security Division. Exercises supervision in terms of costs, methods, and staffing.
• Responsible for the strategy development for all technical functions within the Information Security Division, and provides key input to support the development of the overall strategy for the Division and the agency’s Information Security Program. 
• Provides guidance to the technical professionals that comprise the Security Engineering and Security Operations functions of the Information Security Division. Prepares and executes professional development plans to ensure technical skills and competencies of this staff remain aligned with agency needs.
• Oversees the performance of the Managed Service Providers, contractors and consultants that supply key technical services for the Division.
• Works to develop a broader, strategically-focused understanding of the need for infrastructure security, to include building relationships with other groups to understand their long-term business needs. 
• Works in strong collaboration with service owners to develop a strategic outlook for their services to inform budgetary and resource planning needs.
• Identifies and assesses technology-related risks to information security associated with prospective technology solutions; and recommends appropriate mitigating controls.
• Provides subject matter expertise to develop and execute a cloud security strategy that aligns with the business and information security objectives (including control design).
• Influences the design of any prospective technology solution for adherence to documented agency standards, policies, and regulatory responsibilities.
• Develops a security architecture strategy based on a situational awareness of various business scenarios and use cases.
• Designs and develops technical standards to interpret and implement applicable information security policies and controls.
• Represents Information Security when participating in the department’s IT Service Delivery core processes.
• Acts as Service Owner for the services offered by the “Security Engineering and Infrastructure Security” and SecOps functions of the Information Security Division.
• Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation and sustainment of systems and services within the agency.
• Advises and consults with internal customers on risk assessment, threat modeling and mitigation of vulnerabilities.
• Oversees information security incident investigation and response efforts, leading as needed.
• Oversees computer and network forensic investigations in support of incident response activities.
• Supports root‐cause analysis when incidents occur and prepare incident reports.
• Evaluates, implements, and supports security-focused tools and services required to support information security controls.
• Evangelizes information security at Sound Transit.
• Leads the Education and Awareness program component of the agency’s Information Security Management System (ISMS).
• Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats.
• Focuses on keeping professional skills current.
• Keeps up to date on latest information security threats and countermeasures.
• Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency.
• Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit’s Equity & Inclusion Policy.
• It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees. 
• It is the responsibility of all employees to integrate sustainability into everyday business practices.
• Other duties as assigned.

MINIMUM QUALIFICATIONS:

Education and Experience: Bachelor’s Degree in Computer Science, Information Technology, Business Management Information Systems, or closely related field and six years of information systems security or cyber security experience; OR an equivalent combination of education and experience. Four years of leadership, budgetary, planning and workforce management experience required.

Preferred Licenses or Certifications:

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), or ability to obtain certification within 12 months of hiring.
• CEH, CCFP, GCIH (or other GIAC), ITIL v3, CCSP, or others that are considered field-relevant.

Required Knowledge and Skills:

• Experience with the application of threat modeling or other risk identification techniques.
• Deep understanding of Operating System architecture as it relates to the functions of the following components: OS kernel, OS kernel modules and device drivers, memory management, inter-process communication, security subsystem, user account rights, user group rights, system logs, I/O functions, network services, file-system permissions, and application interaction with the Operating System.
• Extensive understanding of Microsoft OS (Server and Workstation) products.
• Technical skills proficiency in the following areas: security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols), system administration, malware (propagation, infection, types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open source information collection platforms), cryptography, Microsoft Active Directory.
• Deep knowledge of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment and security metrics.
• Extensive understanding of internet-facing, web applications.
• Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography.
• Extensive experience with information security incident handling and investigation procedures.
• Demonstrated skills in conducting forensic analysis of digital evidence, network traffic, managing event analysis/correlation and related incident investigations.
• In-depth knowledge of security software threats and vulnerability mitigation techniques.
• Extensive knowledge of modern public cloud platforms (Azure, AWS).
• Extensive knowledge of risk-based methodologies and one or more of the following frameworks: ISO 27001/2:2017, PCI-DSS, or NIST 800-53.
• Strong understanding of IT Service Delivery (ITIL) core processes and methodologies.
• Leadership/supervisory principles, methods and techniques.
• Establishing and maintaining effective working relationships with other department staff, management, vendors, and other stakeholders.
• Documenting and explaining risks, recommendations, and incident data to technical stakeholders.
• Interpreting and administering information security policies, standards and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies.
• Generating metrics and preparing reports to facilitate decision-making on security-related activities.
• Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports.
• Preparing and analyzing complex data and comprehensive reports.
• Writing of technical documentation and standards.
• Responding to inquiries and in effective oral and written communication.
• Researching, analyzing, and evaluating new security processes, products and techniques.
• Candidate should have excellent time management skills including the ability to prepare prioritize and complete work plans.
• Results oriented, highly organized, proactive and self-motivated.
• Communicating and coordinating with co-workers, customers, and vendors. 
• Working effectively under pressure, meeting deadlines, and adjusting to changing priorities.
• Responding to inquiries and in effective oral and written communication.
• Researching, analyzing, and evaluating new service delivery methods and techniques.
• Working collaboratively with other departments, agency officials, and outside agencies.

Physical Demands / Work Environment: 

• Work is performed in a standard office environment.
• The Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required. 

Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.