|Date Posted||July 18, 2019|
Department Marketing Statement
The Washington Metropolitan Area Transit Authority (Metro) is building a state-of-the-art cybersecurity program to better protect the critical transit infrastructure supporting our nation’s capital. The Cybersecurity Strategy and Project Officer is a senior-level role, advisor and direct report to the Chief Information Security Officer. The Officer shall, principally, manage Metro’s implementation of the NIST Cyber Security Framework (CSF). Associated work includes planning, monitoring, reporting on, and guiding Metro’s cybersecurity strategy. The Officer will create and maintain a multi-year project schedule that ensures a holistic and coordinated enterprise-wide approach to the CSF. The Officer will be expected to craft complex written documents, lead planning and strategy meetings, use technical expertise to guide the program (i.e. integrate architecture, risk and policy requirements into logical/sequential strategic plans), and adapt the schedule based on conflicting or emerging risks. Additionally, the Officer will serve collaterally as the “Chief of Staff” for Cybersecurity, managing many staff functions aimed at building a cohesive team ready and able to tackle the organization’s strategic goals and delivering cohesive CISO messaging.
- A Bachelor’s Degree in Computer Science, Cybersecurity or a related field
- Seven (7) years of experience as a cybersecurity officer/engineer, information systems security officer, or specialized expertise in one or more of the following cyber policy, budget, audit, metrics, or training
- A Master’s Degree in Cybersecurity or IT Management
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar cybersecurity certification
- Project Management Professional (PMP)
Satisfactorily complete the medical examination for this position, if required. The incumbent must be able to perform the essential functions of this position either with or without reasonable accommodations.
The Cybersecurity Strategy & Projects Officer serves as a strategic and programmatic leader for the cybersecurity office, often representing the Chief Information Security Officer in complex business and technical forums. The incumbent ensures that the cybersecurity program is aligned to organizational values and that projects and programs are meeting those value objectives. The Cybersecurity Strategy & Projects Officer builds strong internal and external partnerships that drive the program towards continuous improvement and alignment with the latest in best practices. The incumbent serves as the primary resource advocate for cybersecurity.
- Leads innovative and transformative cybersecurity strategic planning and monitoring. Works across all disciplines and teams in the cybersecurity office to ensure there is a coherent plan with measurable and meaningful objectives. Tracks the organization's progress in attaining strategic goals, reports on progress to the Chief Information Security Officer (CISO) and leads meetings with leaders to drive course corrections. Ensure a coherent strategy stays on track.
- Establishes and maintains robust external partnerships across industry, federal, state, and local governments that influence Washington Metropolitan Area Transit Authority (WMATA)’s best practices, propelling the organization to be and maintain the status of leader in the transportation cybersecurity arena. Meets regularly with leaders in the field, leading analysis of cybersecurity challenges to discover and bring back best practices in an industry that is constantly evolving.
- Manages strategic human resource decisions for the cybersecurity program (working with HR), including requests for additional personnel, staff allocation among cyber branches, developing job descriptions and career path plans Human Resources (HR) and Information Technology (IT) Administrative Services Manager, projecting human resource shortfalls and programmatic gaps, works with HR Talent Acquisition (TA) to create/edit marketing statements and advertisements and may attend recruiting events representing the Officer of Cybersecurity. Works with employees and managers to strategically rotate and develop staff to support retention and career enhancement objectives. Partners with local universities to develop and manage an internship and fellowship program. Assists the Senior Director in their mission to recruit and retain top talent in an extremely competitive industry.
- Represents the Senior Director/CISO and Directors/Deputy CISOs in various forums, across WMATA and externally. Uses a broad understanding of cybersecurity policy, architecture and technical requirements to drive organizational requirements and advocate for program resources. Ensures that cybersecurity requirements are both captured in various processes and understood across the organization.
- Supports the CISO in a wide array of areas, leverages in-depth understanding of cyber risk management, operations, intelligence, policy, administration and governance to lead specialized projects that cross functional program areas. Works closely with section directors to design, implement, monitor and conclude projects based on aggressive schedules while managing competing priorities. Leads or supports strategic projects that cross the organization where no one section leader has clear jurisdiction or bandwidth to drive holistic success.
- Plans and leads routine all-employee staff meetings, management meetings, team-building and similar sessions aimed at maintaining information flow, morale and cross-section collaboration. Ensures that vital information is always conveyed in a timely manner and ensures the team remains unified among competing priorities.
- Oversees all employee performance evaluations and communicates the CISO and WMATA's standards around performance and evaluation criteria. Works with leaders to develop and implement a consistent, fair and honest appraisal process and performance plans. Coordinates with HR on disciplinary matters. Drives consistency, transparency and fairness across the performance process at all times.
- Crafts, reviews and approves both internal and external communications for the CISO. Works across the cybersecurity organization to ensure there is a consistent and coherent message. Manages the organization's mission, vision, values and goals; aligns these to IT and WMATA overarching priorities (e.g. system reliability, safety, financial responsibility, becoming the employer of choice, etc.); reports externally on how these values/goals are progressing and meeting organizational requirements. Broadly ensures messaging is consistent with leadership direction and organizational values and ensures the organization remains focused on WMATA priorities and that all messaging aligns to those values.
- Supports peers in developing cybersecurity policy that ties to larger cybersecurity and IT policy and that integrates with security architecture. Ensures that WMATA has cybersecurity policy that guides the organization, manages compliance and risk, and defines key roles and partnerships.
The essential duties listed are not intended to limit specific duties and responsibilities of any particular position. Nor is it intended to limit in any way the right of managers and supervisors to assign, direct and control the work of employees under their supervision.
Consideration will be given to applicants whose resumes demonstrate the required education and experience. Applicants should include all relevant education and work experience.
Evaluation criteria may include one or more of the following:
- Personal Interview
- Skills Assessments
- Verification of education and experience
- Criminal Background Check
- Credit history report for positions with fiduciary responsibilities
- Successful completion of a medical examination including a drug and alcohol screening
- Review of a current Motor Vehicle Report
Washington Metropolitan Area Transit Authority, a Federal contractor, is an Equal Opportunity / Affirmative Action employer. All qualified applicants receive consideration for employment without regard to race, color, creed, religion, national origin, sex, gender, gender identity, age, sexual orientation, genetic information, physical or mental disability, or status as a protected veteran, or any other status protected by applicable federal law, except where a bona fide occupational qualification exists. Our hiring process is designed to be accessible and free from discrimination.
This posting is an announcement of a vacant position under recruitment. It is not intended to replace the official job description. Job Descriptions are available upon confirmation of an interview.