Washington Metropolitan Area Transit Authority - posted 6 months ago
Full-time • Entry Level
Alexandria, VA
Transit and Ground Passenger Transportation

The Washington Metropolitan Area Transit Authority (Metro) is building a state-of-the-art cybersecurity program to safeguard the critical transit infrastructure of our nation's capital. The Data Privacy & Security Officer I will support an emerging function centered on safeguarding Metro's sensitive information through the practical application of privacy, security, and data protection controls and principles. This role will report to the Data Security Officer and will help ensure that personal and sensitive data is classified, stored, and managed appropriately; assist in the identification and evaluation of data-related risks; and support compliance with internal security policies and external regulatory requirements. By collaborating with stakeholders across multiple departments and documenting key data protection processes, the Officer I will play a foundational role in strengthening Metro's security and privacy posture.

The Officer I will contribute to a range of data security and protection initiatives, including supporting the privacy threshold analysis (PTA)/privacy impact assessment (PIA) process, monitoring data security alerts for triage and escalation, and assisting with remediation and compliance tasks. This position is an excellent opportunity for a self-starter with a strong sense of initiative, excellent attention to detail, and the ability to work independently while collaborating across technical and business functions to define and improve new workflows. Familiarity with tools supporting data governance policies, data labeling, and risk is strongly preferred. The ideal candidate will bring a working knowledge of data privacy frameworks, emerging risk considerations, and cybersecurity practices with a focus on building scalable processes to support a best-in-class security program.

As a member of the Data Security team, the Officer I will contribute to both routine data governance tasks and broader initiatives with the goal of protecting Metro's critical data against evolving cyber threats.

  • Assist with the development of cybersecurity career-enhancing workforce plans, strategies, and guidance.
  • Create training and education requirements to address changes to cybersecurity policy, emerging threats, certification requirements and industry best practices.
  • Create a strong culture of cybersecurity within the IT organization and drive behavioral changes for all business units within WMATA.
  • Ensure timely, mission-focused, and tailored cybersecurity training and developmental opportunities are provided to cybersecurity personnel.
  • Assist in the creation of governance standards based on NIST and other frameworks.
  • Assist with the development and maintenance of cybersecurity plans, strategy, and policy.
  • Ensure WMATA's cybersecurity program has a governance model based on best practice.
  • Assist with performance assessments of threats and vulnerabilities for systems and networks.
  • Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
  • Ensure system and network threats and vulnerabilities are identified and remediated in a timely manner.
  • Assist with evaluating the performance of the IT security program and its individual components.
  • Track findings and reports of remediation progress.
  • Support policy compliance, governance and incident response programs.
  • Prepare audit reports that identify technical and procedural findings.
  • Coordinate external audit requirements.
  • Assist with compiling and reviewing budgets for the Cybersecurity program.
  • Work with other cybersecurity personnel to ensure effective budget planning.
  • Track contracting costs and needs, managing statement of work efforts.
  • Prepare governance and compliance management reports, key performance metrics, scorecards, and briefings.
  • Work with leadership to use continuous monitoring scoring and grading metrics.
  • Ensure the enterprise has cybersecurity scorecards that present a clear view of the health of the organization.
  • Provide support for the cybersecurity components of the governance, risk and compliance (GRC) tool.
  • Assist with the execution of a risk-based, repeatable/consistent system security strategy.
  • Evaluate and support the documentation, validation, assessment, and authorization processes necessary to assure that existing and new IT systems meet cybersecurity and risk requirements.
  • Provide support regarding privacy impact assessments of an application's security design.
  • Advise security managers on risk levels and security posture of managed systems.
  • Consult with customers to gather and evaluate functional requirements.
  • A Bachelor's degree from an accredited college or university.
  • With a technical degree, no prior experience as a cybersecurity engineer/analyst is required.
  • Without a technical degree, six (6) months to one (1) year of experience as a cybersecurity officer/engineer, information systems security officer, or specialized expertise in cyber policy, intelligence, analytics, budget, audit, metrics, or training is required.
  • A Bachelor's degree in Computer Science, Cybersecurity or related field.