Network Cybersecurity Architect (Hybrid/Remote) - 90363132 - Washington

Your success is a train ride away!

As we move America’s workforce toward the future, Amtrak connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is due to our employees.

Are you ready to join our team?

Our values of ‘Do the Right Thing, Excel Together and Put Customers First’ are at the heart of what matters most to us, and our Core Capabilities, ‘Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security’ are what every employee needs to know and do to be most impactful at Amtrak. By living the Amtrak values, focusing on our capabilities, and actively embracing and fostering diverse ideas, backgrounds, and perspectives, together we will honor our past and make Amtrak a company of the future.

SUMMARY OF DUTIES:
The Cyber Architect Director Network serves a technical expert in network security architecture and engineering functions and in-depth knowledge to protect IT systems, network and data across the enterprise. The role also requires strategic expertise across all technology functions to support business goals. TheCyber Architect Director Network possesses a mastery of internal security solutions required to protect business operations. The Cyber Architect Director Network is the expert on designing and automating security processes. TheCyber Architect Director Network addresses the issues of today and has the foresight to see where the industry is headed and proactively deliver secure solutions.Cyber Architect Director Network think like attackers to identify how solutions may be abused to an attacker’s advantage.  

ESSENTIAL FUNCTIONS:

• Serves as the service offering lead of Network Security and provides thought leadership, vision, and strategy.
• Leads project teams and develops milestones and objectives to support senior management goals.
• Decisions have a significant impact on the overall success of security technology projects.
• Routinely briefs senior management on security technology initiatives and provides advice and guidance to senior management and other technical professionals on complex matters requiring significant interpretation of information to identify and develop solutions.
• Identifies requirements for security assessments of technology systems and leads system changes to ensure adherence to standards, policy, guidelines, strategies, and security best business practices.
• Performs fit/gap assessments, identifies and proposes strategic capability requirements, and ensures technical delivery of the strategic roadmap.
• Interprets and communicates the results of security metrics to leaderships and identifies the steps necessary to attain the desired results.
• Leads and participates in planning sessions related to projects or new technologies to implement process improvement within the functional area. Documents discussions and agreements. Facilitates gate review, change advisory boards and IT operational meetings.  
• Builds relationships with leaders across the technology portfolio to incorporate security principles into engineering design and deployments.
• Defines testing and validation criteria in application security controls across projects.
• Assesses the effectiveness of defensive practices and countermeasures across infrastructure and applications.
• Architects network security solutions and works with Network team to implement the design.
• Champions the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
• Mastery of vulnerability assessments and analysis processes that deliver results-oriented communication related to risk tolerance and threat to the business.
• Defines quality test activities and validation requirements in preparation for go-live.
• Knowledge of ICS/SCADA cybersecurity concerns.
• Recognized as a technical expert resource to resolve problems, security incidents and conduct forensic investigations.

MINIMUM QUALIFICATIONS:

• Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, Engineering or related field plus 11+ years of relevant experience required.
• 15+ years of relevant work experience required to satisfy education and experience requirements
• 11+ years of relevant technical experience across multiple security technology domains.
• Professional security-related certifications (e.g. CCNP Security, CCIE Security, Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), CISCO, SANS certifications, etc.).

MIMINUM KSA (Knowledge, Skills, and Abilities):

• Must possess advanced customer service, communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated. 
• Mastery of securing Windows and *nix operating systems, endpoint applications, networking protocols and devices.
• Deep understanding of scripting in Python, Bash, Perl, PowerShell or other relevant language.
• Expert understanding of OWASP, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle (SLDC).
• Mastery of SIEM/SOAR, EDR, CASB, IDS/IPS, AV, DLP, UEBA, FW, etc. technologies 
• Experience leading technical risk and vulnerability assessments. 
• Strong analytical skills with experience working in or supporting a Security Operations Center.

PREFERRED QUALIFICATIONS:

• Master's degree in Information Technology, Cybersecurity, Engineering or equivalent.
• Experience with scripting languages.
• 13+ years experience in cybersecurity technology specialization.
• Extensive experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure.
• Mastery of the Microsoft Security Stack.
• Knowledge of Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST), Center for Internet Security (CIS) or International Standards Organization (ISO) requirements.

WORK ENVIRONMENT:

• Work is performed in an office environment but may be remote/hybrid.
• May require travel up to 20% of the time 
• Requires on-call status
• After hours, weekend and periodic shift work may be required
• Other duties as assigned

COMMUNICATIONS AND INTERPERSONAL SKILLS:
Must have excellent oral and written communication skills.

The salary/hourly range is $190,476 - $216,000. Pay is based on several factors including but not limited to education, work experience, certifications, etc. Depending on an employee’s assigned worksite or location, Amtrak may consider a geo-pay differential to be applied to the employee’s base salary. Amtrak may offer additional incentive and pay programs to recognize and reward our employees, including a short-term incentive bonus based upon factors such as individual and company performance that is commensurate with the level of the position and/or long-term incentive plan compensation. In addition to your salary, Amtrak offers a comprehensive benefit package that includes health, dental, and vision plans; health savings accounts; wellness programs; flexible spending accounts; 401K retirement plan with employer match; life insurance; short and long term disability insurance; paid time off; back-up care; adoption assistance; surrogacy assistance; reimbursement of education expenses; Public Service Loan Forgiveness eligibility; Railroad Retirement sickness and retirement benefits; and rail pass privileges. Learn more about our benefits offerings here.

Requisition ID:159470
Posting Location(s):District of Columbia
Job Family/Function:Information Technology 
Relocation Offered:No 
Travel Requirements:Up to 25% 
 

You power our progress through your performance.
 

We want your work at Amtrak to be more than a job. We want your career at Amtrak to be a fulfilling experience where you find challenging work, rewarding opportunities, respect among colleagues, and attractive compensation. Amtrak maintains a culture that values high performance and recognizes individual employee contributions. 

Amtrak is committed to a safe workplace free of drugs and alcohol. All Amtrak positions requires a pre-employment background check that includes prior employment verification, a criminal history check and a pre-employment drug screen. 

Candidates who test positive for marijuana will be disqualified, regardless of any state or local statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Amtrak's pre-employment drug testing program is administered in accordance with DOT regulations and applicable law.  

In accordance with DOT regulations (49 CFR § 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, the individual will not be permitted to perform safety-sensitive functions.

In accordance with federal law governing security checks of covered individuals for providers of public transportation (Title 6 U.S.C. §1143), Amtrak is required to screen applicants for any permanent or interim disqualifying criminal offenses. 

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an EOE/Affirmative Action Minority/Female employer, and we welcome all to apply. We consider candidates regardless of race/color, religion, sex (including pregnancy, childbirth and related conditions), national origin/ethnicity, age, disability (intellectual, mental and physical), veteran status, marital status, ancestry, sexual orientation, gender identity and gender expression, genetic information, citizenship or any other personal characteristics protected by law.