Principal Cybersecurity Engineer - SFO - ITT (9976) - (150558)
- Full-time
- Work Hours : Regular
- Job Code and Title : 9976-Technology Expert I
- Fill Type : Permanent Exempt
Appointment Type : Permanent Exempt. This position is excluded by the Charter from the competitive civil service examination process and shall serve at the discretion of the Appointing Officer.
Check all associated application documentation thoroughly before clicking on the apply button at the bottom of this description.
Application Opening : Monday, October 7, 2024
Application Deadline : Apply Immediately. Application filing will be open at least through 5 : 00 PM on Wednesday, October 9, 2024 and will close any time thereafter.
Compensation Range : $159,692 - $200,850 annually
Recruitment ID : REF44664D-01155096
Working Hours : Full-time, 40 hours per week, Monday Friday, 8 am - 5 pm, Hybrid work schedule
San Francisco International Airport (SFO), an enterprise department of the City and County of San Francisco (CCSF), has approximately 1,700 CCSF employees and strives to be a diverse, equitable, and inclusive employer.
Under the direction of the Director, Cybersecurity and Compliance, the Principal Cybersecurity Engineer is responsible for the overall security of information assets and technologies through the creation and support of preventative, detective, and corrective controls.
Identifies, refines, and analyzes cyber-security data across a wide variety of sources to report against agreed upon key performance indicators measuring the efficacy of these controls.
Works closely with IT operations and engineering teams to identify and remediate cyber-security issues and concerns.
The Principal Cybersecurity Engineer may provide technical supervision over other IS Engineers, technical leadership and direction, technical responsibility for completion of major projects, and serves as a technical authority for one or more related specialties.
Performs and reviews complex work involving analysis, planning, designing, implementation, maintenance, troubleshooting and enhancement of complex large systems or networks and the physical and logical components that integrate these systems together.
Serves as a lead technical architect and systems integrator for large complex systems and networks.
You are excited about this opportunity because you will :
- Document cyber-security standards, specifications, policies, processes, procedures, and industry recognized best practices for the design, implementation, testing, deployment, and maintenance of cyber-security controls that ensure the confidentiality, integrity, and availability of airport information, information systems, and operational technology.
- Establish and refine cyber security requirements for the development or enhancement of large complex systems and networks operating over dissimilar platforms and technologies.
- Design, implement and enhance the preventative, detective, and corrective cyber security controls that protect airport information, information systems, and operational technology.
- Plan, implement and maintain upgrades, updates, and fixes for enterprise systems and related cybersecurity components without adversely affecting the overall availability and reliability of said systems and networks.
- Manage and test cyber security configurations for Linux and Microsoft Windows operating systems, CrowdStrike, Palo Alto Networks firewalls, Amazon Web Services, Microsoft Azure and Entra ID in both production and non-production environments.
- Review cyber-security vulnerabilities, advisories, and alerts from a variety of sources; determines applicability to current and planned information systems and data, assesses potential impact to airport operations, and coordinates follow up activities based on the severity and exploitability of these vulnerabilities.
- Assist in the development of strategic plans to meet cyber-security and technology needs.
- Manage major projects to successfully meet schedule, budget, and scope.
- May review and recommend personnel actions in areas of performance, evaluation, training, selection and disciplinary measures.
- May include additional duties as assigned by the Airport's CIO and CISO.
Education : An associate degree in computer science, computer engineering, software engineering, or a closely related field from an accredited college or its equivalent.
Experience : Five (5) years of recent and verifiable experience analyzing, installing, configuring, enhancing, and / or maintaining cyber security controls across an enterprise network.
Desirable Qualifications :
- Four (4) years of verifiable cybersecurity experience working in an airport environment or similar experience within the DHS Transportation Systems Sector.
- Three (3) years of verifiable cybersecurity experience managing and maintaining satisfactory compliance against the PCI Data Security Standard.
- Two (2) years of verifiable cybersecurity experience managing Palo Alto Networks firewalls or similar next-generation devices.
- One or more of the following certifications : Certified Information Systems Security Professional (CISSP), Certification as Payment Card Industry Internal Security Assessor (ISA), or SANS Cybersecurity certifications.
- Ability to obtain National Security Clearance.
Selection Procedures : The selection process will include evaluation of applications in relation to minimum requirements.
Verification :
Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process.
Transportation (TSA) Security Clearance : Candidates for employment with the San Francisco Airport Commission are required to undergo a criminal history record check.
Customs Clearance : This position requires that the incumbent be qualified for unescorted access to the San Francisco International Airport U.
S. Customs Security Area.
The City and County of San Francisco encourages women, minorities and persons with disabilities to apply.
J-18808-Ljbffr