What are the responsibilities and job description for the Cybersecurity Engineer - I position at Jacksonville Transportation Authority?
Brief Description
The Cybersecurity Engineer - I role is responsible for monitoring the computer and network security of the JTA. This is an operational role similar to that of an analyst in a Security Operations Center and requires monitoring, evaluating, acknowledging and dispositioning of alarms. Additional duties include ensuring the smooth operation of security products and software in order to provide maximum confidentiality, integrity, and availability of JTA data. Provides internal audit functions to the Technology & Innovation department. The position reports to the Chief Information Security Officer and receives guidance, mentorship and daily operational assignments from the Lead Cybersecurity Engineer. The role requires rotational on-call duties when assigned.
Essential Function(s)
Monitors alerts and alarms from various Cybersecurity tools used at the JTA.
Correlates alerts and alarms and acts on them under the daily operational guidance of the Lead Cybersecurity Engineer.
Performs internal and external vulnerability scans and works with Network and System & Network Engineers to remediate discovered vulnerabilities.
Ensures security measures, such as spam and virus protection, are deployed uniformly and appropriately across the enterprise.
Monitors for inappropriate use of the Internet by JTA employees.
Performs internal audit functions regarding infrastructure maintenance, software maintenance and system & user entitlement reviews (user accounts, permissions, passwords, etc.).
Maintains the IT Risk Register, updating business impact, remediations and risk levels.
Assists the senior Information Security team with the maintenance of the JTA Security Program.
Ensures that all IT equipment complies with all industry standards (for example, ISO27001, NIST, PCI-DSS).
Assists the Technology & Innovation department with Disaster Recovery and Business Continuity planning efforts.
Assists the Technology & Innovation department with Information Security Policy & Procedure development and maintenance.
Undertakes routine preventative measures to maintain and monitor network security, particularly if the network connects to the internet.
Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
Determines security violations and inefficiencies by conducting periodic audits.
Works with the senior staff to respond to security incidents.
Minimum Qualifications
Associate's degree in related field and a minimum of 1 year experience in Cybersecurity as an analyst or related cybersecurity work experience.
Additional years of related work experience may be substituted for a degree.
Must have the CompTIA Security certification upon hiring, or obtain it no more than 12 months after hire.
Preferred Qualifications
A Bachelor's Degree in a related field is preferred.
CISSP or related industry certification is also preferred.
Knowledge, Skills And Abilities
Demonstrated knowledge of security incident investigation, management and escalation.
Demonstrated knowledge of security technologies, network security, intrusion detection, and digital forensics.
Demonstrated hands-on work experience with leading cybersecurity tools such as SIEM (LogRhythm or similar), NDR (Darktrace or similar), EDR (Microsoft Defender or similar), Linux shell scripting, Email security (Cisco ESA or similar), and Identity and Access Management (Entra ID or similar).
Demonstrated knowledge of related security products that include vulnerability scanners and event monitoring.
Work in a team-oriented, collaborative environment.
Excellent verbal and written communication skills. Strong customer service orientation.
Occasional off-hour assistance may be needed, and schedule flexibility for planned/unplanned work after production hours.
Work Environment/Physical Demands
The Cybersecurity Engineer works in an office environment where the noise level is generally quiet.
This role may be required to work nights, weekends, and/or holidays depending on the circumstance(s).
Physical Demands May Include
Sitting and/or standing for prolonged periods. Performing repetitive motion.
Acknowledgements
This position description in no way states or implies that these are the only duties to be performed. Employees are responsible for completing all mandatory training classes. Employees must also review and comply with all JTA/JTM policies, procedures, and directives. This document does not create an employment contract, implied or otherwise, other than an “at will” employment relationship. All employment offers are contingent upon pre-employment drug testing.
Positions marked as ‘Safety Sensitive’ will be subject to random testing for drug and alcohol use and if any testing is positive, the application for employment will be rejected, or if hired, employment may be terminated. Positions marked as “COOP Essential” may be required to work whenever the Continuity of Operations Plan is activated.
Driver’s License – The position description will specify whether a driver’s license is required and the acceptable class of license. Unless an exception under Florida law exists, a nonresident must obtain a Florida driver’s license within 30 days of hire. If a driver’s license has a corrective lens restriction, the employee must wear corrective lenses when operating any vehicle for work purposes. Suspended or revoked licenses, work permits, and certain restricted licenses are not acceptable.
The Jacksonville Transportation Authority is an Equal Opportunity/Affirmative Action Employer and does not tolerate discrimination or violence in the workplace. Employees who require a reasonable accommodation as defined by the Americans with Disabilities Act (ADA) must notify JTA in advance to allow sufficient time for JTA to provide the accommodation.