Lead Cyber Watch Ops Analyst - 90397452 - null

Your success is a train ride away!

As we move America's workforce toward the future, Amtrak connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is due to our employees.

Are you ready to join our team?

Our values of 'Do the Right Thing, Excel Together and Put Customers First' are at the heart of what matters most to us, and our Core Capabilities, 'Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security' are what every employee needs to know and do to be most impactful at Amtrak. By living the Amtrak values, focusing on our capabilities, and actively embracing and fostering diverse ideas, backgrounds, and perspectives, together we will honor our past and make Amtrak a company of the future.

The Cyber Watch Operations Analyst is a key position responsible for supporting the day-to-day operations of our Cyber Threat Command Center. In this role, you will have a critical impact with key stakeholder engagement, cybersecurity incident management, incident response, and coordination. Your expertise in cyber incident response, cybersecurity incident handling, and cyber threat analysis will be instrumental in protecting our organization's systems, data, and reputation.

ESSENTIAL FUNCTIONS:

• Ability to work under pressure, prioritize tasks, and meet deadlines in a fast-paced environment.
• Ability to think critically and like threat actors.
• Strong analytical and problem-solving skills, with the ability to assess complex situations and make informed decisions.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
• Ability to interpret the information collected by security tools.
• Knowledge of attack vectors, threat tactics, and attacker techniques.
• Preferred ability for effective communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
• Preferred knowledge and familiarity with Operational Technology (OT), Industrial Controls Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems but not required.

• Responsible for delivery of security solutions for activity-based assignments, executing and resolving problems within specified area.
• Monitor Cyber security anomalies, investigate, resolve and escalate Cyber Security
  events, incidents and problems* Search for potential vulnerability, exploit, or "0" Day based on the user behavior, Endpoint threat detection, Network behavior analytics, artificial engine alarms and managed security reports.
• Review Firewall, IDS/IPS logs, web content filtering logs, net flow device logs, antivirus logs
• Lead Cyber Security tools (SIEM, EDR, CASB etc.) administration.
• Lead Periodical check for company policy violation / Support the investigation on policy violation
• Lead Cyber security audits and inspecting security logs to uncover possible security violations.
• Generating, gathering, and tracking security metrics, developing scorecards for the metrics, and communicating the results Supports and participates in formal reporting related to Cyber Security Operations
• Monitor security events and develop Cyber security controls across the enterprise.
• Lead Security support efforts for application and infrastructure related projects.
• Lead application security risk assessments for new or updated internal or third-party applications.
• Conduct quality test activities and validates test completeness in preparation for go-live.
• Responding and resolving problems, security incidents and forensic investigations.
• Investigates, resolves and escalates problems. Monitors and analyzes metrics to ensure customer satisfaction and vendor performance.
• Lead vulnerability and risk analysis using commercial tools or custom scripts and
  documenting found gaps
  
  

MINIMUM QUALIFICATIONS:

• Bachelor's degree in computer science, Information Systems, or related field plus 6+ years relevant experience required or 9+ years of relevant work experience required to satisfy education and experience requirements
• Professional security-related certifications (e.g. Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), etc.).
• Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be selfmotivated.
• Strong analytical skills.
• Experience with SIEM, EDR, CASB, IDS/IPS, AV, DLP UEBA, FW, etc. technologies.
• Experience performing vulnerability management assessments.
• Experience working in a Cyber Security Operations (or SOC) as an analyst.

PREFERRED QUALIFICATIONS:

• Master's degree in information technology, Cyber Security, or equivalent
• Experience with scripting languages.
• 8+ years' experience in cyber security specialization (compliance, information security program management, continuous monitoring, vulnerability assessment.

WORK ENVIRONMENT:

• Work is performed in a Remote Work Environment.
• May require travel up to 10% of the time.
• Requires on-call status* After hours, weekend and periodic shift work may be required.

COMMUNICATIONS AND INTERPERSONAL SKILLS:
Must have excellent oral and written communication skills.

The salary/hourly range is $103,700-$134,460, Pay is based on several factors including but not limited to education, work experience, certifications, internal equity, etc. Depending on an employee's assigned worksite or location, Amtrak may consider a geo-pay differential to be applied to the employee's base salary. Amtrak may offer additional incentive and pay programs to recognize and reward our employees, including a short-term incentive bonus based upon factors such as individual and company performance that is commensurate with the level of the position and/or long-term incentive plan compensation. In addition to your salary, Amtrak offers a comprehensive benefit package that includes health, dental, and vision plans; health savings accounts; wellness programs; flexible spending accounts; 401K retirement plan with employer match; life insurance; short and long term disability insurance; paid time off; back-up care; adoption assistance; surrogacy assistance; reimbursement of education expenses; Public Service Loan Forgiveness eligibility; Railroad Retirement sickness and retirement benefits; and rail pass privileges. Learn more about our benefits offerings here.

Requisition ID:165084

Work Arrangement:02-Remote OptionalClick here for more information about work arrangements at Amtrak.

Relocation Offered:No

Travel Requirements:Up to 25%

You power our progress through your performance.

We want your work at Amtrak to be more than a job. We want your career at Amtrak to be a fulfilling experience where you find challenging work, rewarding opportunities, respect among colleagues, and attractive compensation. Amtrak maintains a culture that values high performance and recognizes individual employee contributions.

Amtrak is committed to a safe workplace free of drugs and alcohol. All Amtrak positions requires a pre-employment background check that includes prior employment verification, a criminal history check and a pre-employment drug screen.

Candidates who test positive for marijuana will be disqualified, regardless of any state or local statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Amtrak's pre-employment drug testing program is administered in accordance with DOT regulations and applicable law.

In accordance with DOT regulations (49 CFR * 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, the individual will not be permitted to perform safety-sensitive functions.

In accordance with federal law governing security checks of covered individuals for providers of public transportation (Title 6 U.S.C. *1143), Amtrak is required to screen applicants for any permanent or interim disqualifying criminal offenses.

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race/color, to include traits historically associated with race, including but not limited to, hair texture and hairstyles such as braids, locks and twists, religion, sex (including pregnancy, childbirth and related conditions, such as lactation), national origin/ethnicity, disability (intellectual, mental and physical), veteran status, marital status, ancestry, sexual orientation, gender identity and gender expression, genetic information, citizenship or any other personal characteristics protected by law..