Job Description

Principal Dt Security Engineer - Washington

Your success is a train ride away! As we move America's workforce toward the future, Amtrak connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is due to our employees.

Are you ready to join our team? Our values of 'Do the Right Thing, Excel Together and Put Customers First' are at the heart of what matters most to us, and our core capabilities, 'Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security' are what every employee needs to know and do to be most impactful at Amtrak. By living the Amtrak values, focusing on our capabilities, and actively embracing and fostering diverse ideas, backgrounds, and perspectives, together we will honor our past and make Amtrak a company of the future.

Summary of duties: The principal IT security engineer performs a broad range of complex technical and professional work functions to protect IT systems, network and data across the enterprise. The role is technical and requires an in-depth understanding of information security technologies and functions. The role also requires an understanding of business goals/strategy and operational requirements in a fast-paced environment. The principal IT security engineer leads the technical management of internal security systems or tools and implements automation to deliver security principles.

Essential functions:

• Supports the service owner and may serve as a service offering lead in the delivery of security technologies.
• Leads the evaluation and recommendation of hardware and software systems that provide security functions.
• Leads security assessments of technology systems and recommends system changes to ensure adherence to standards, policy, guidelines, strategies, and security best business practices.
• Generating, gathering, and tracking security metrics, developing scorecards for the metrics, and communicating the results to technology leadership.
• Participates in planning sessions related to projects or new technologies to implement process improvement within the functional area. Documents discussions and agreements. Facilitates gate review, change advisory boards and IT operational meetings.
• Works to consistently learn and share advanced skills and practices that promote team excellence.
• Builds relationships with developers, stakeholders, security champions, and scrum masters to incorporate security principles into engineering design and deployments.
• Draft and uphold CI/CD security strategy and practices in tandem with other technical team leads.
• Support the ability to 'shift left' and incorporate security early on and throughout the development lifecycle.
• Leads quality test activities and validates test completeness in preparation for go-live.
• Provides subject matter expertise to resolve problems, security incidents and conduct forensic investigations.
• Understands the TCP/IP stack with prior hands-on expertise securing diverse LAN, WAN, VPN, and wireless environments for large organizations.
• Ability to work nights, weekends and holidays as needed to support planned and unplanned network maintenance and troubleshooting events.

Minimum qualifications:

• Bachelor's degree in computer science, Information Systems, Cybersecurity, Engineering or related field.
• Professional security-related certifications (e.g. Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), CISCO, SANS certifications, etc.).
• Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
• Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices.
• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle (SLDC).

Preferred qualifications:

• Master's degree in information technology, Cybersecurity, or equivalent. 7+ years of relevant experience, 11+ years of relevant work experience required to satisfy education and experience requirements.
• Experience in cybersecurity specialization (compliance, information security program management, continuous monitoring, vulnerability assessment).
• Preferably some experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure.
• Experience working with the Microsoft Security Stack.
• Knowledge of Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST), Center for Internet Security (CIS) or International Standards Organization (ISO) requirements.

Work environment:

• Work is performed onsite in an office environment.

Communications and interpersonal skills:

• Must have excellent oral and written communication skills.

Job Tags

Similar Jobs