Cyber Security Engineer

  • BART
  • Oakland, California
  • Apr 01, 2023
Full Time Engineering Information Technology and Communication Services

Job Description

Ride BART to a satisfying career that lets you both: 1) make a difference to Bay Area residents, and 2) enjoy excellent pay, benefits and employment stability. BART is looking for people who like to be challenged, work in a fast paced environment, and have a passion for connecting riders to work, school and other places they need to go. BART offers a competitive salary, comprehensive health benefits, paid time off, and the CalPERS retirement program.

Conditions of Employment

All San Francisco Bay Area Rapid Transit District (BART) employees are required to be fully vaccinated against COVID-19 as a condition of employment. You will be required to show proof of your completed COVID-19 vaccination prior to receiving a final offer, unless you receive a COVID-19 Vaccination reasonable accommodation due to a medical condition or a religious exemption due to an approved sincerely held religious belief that prohibits you from receiving a vaccine. BART will review requests for a reasonable accommodation or religious exemption on a case-by-case basis. Documentation may be required. For questions, please contact BART Human Resources, Leave Management at HRDP@bart.gov .

Department

Office of the CIO, Desktop and Network Services

Pay and Benefits

BART offers comprehensive compensation and benefits programs. Benefits include CalPERS pension; excellent medical (effective January 1, 2023 current employee cost $160.96 monthly for most plans), vision, and dental coverage; supplemental insurances; paid holidays and vacation; as well as two investment programs, one of which is entirely funded by BART. BART does not participate in Social Security. Complimentary BART passes for employee and qualifying dependents.

Pay Rate

Non-Represented Pay Band 7

Annual Salary: $113,621.00 (Minimum) - $172,136.00 (Maximum)

Note: The initial salary offer will be between $113,621.00/year - $159,559.47/year to commensurate with education and experience.

Posted Date

March 10, 2023

Closing Date

Open Until Filled

The first batch application review will begin on April 3, 2023.

Please note that any job announcement may be canceled at any time.

Reports To

Manager of Cyber Security

Days Off

Saturday and Sunday

Who May Apply

All current BART employees and qualified individuals who are not yet BART employees.

Current Assignment

This announcement will recruit one (1) position within the BART Office of the Chief Information Officer (OCIO). The BART Cybersecurity Division, within the OCIO, offers an exciting and challenging role administering some of the latest security tools in a highly virtualized environment. As a Regional Government office, BART is responsible for networks in 5 Bay Area Counties and the safety of our weekday riders. BART’s Cybersecurity Division has a wide variety of security responsibilities that include Business Networks, SCADA Networks, Police Networks, and Anti-Terrorism security measures. BART is looking for highly motivated, intelligent specialists that are excited to contribute, learn and grow in our organization. In the Cybersecurity Division, you’ll get hands on experience with the latest in Software Defined Networking, Virtualization, Hyperconvergance, Intrusion Detection/Prevention, Network Access Control, Vulnerability Scanning, Data Loss Prevention, Cloud Fencing, End Point Security, Forensics, Security Automation, and much more.

BART is looking for highly experienced security professionals that want to focus their careers on working with cutting edge security tools. An ideal candidate is a former or current enterprise network engineer with a deep understanding of routing, switching and firewalls. The Cybersecurity Division offers a collaborative environment with a major emphasis on ensuring that our Cybersecurity Engineers get the training, support and certifications they need to better combat the evolving threat landscape.

Essential Job Functions

1. Under general supervision develops and implements the design of a complex unified cyber security program.

2. Monitors and Tunes the District’s Unified Cyber Security Program.

3. Provides highly technical security expertise and support related to alarms and monitoring devices that participate in District Security Objectives (DSO’s); Oversees and resolves business and support issues related to RAILS.

4. Manages the various security projects including performing impact diagnostics on existing technology projects.

5. Evaluates business and technical security requirements; driving the selection, prototyping and implementation of applications and technical solutions; and effectively communicating inherent security risks to non-technical users and administrators

6. Implements and tunes algorithms used to monitor both machine and human behavior.

7. Develops and maintains inventory lists generated from advanced forensic investigation.

8. Coordinates and implements enterprise design and remediation solutions based on gathered statistics.

9. Collects automated progress metrics for all technology projects.

10. Coordinates with law enforcement to maintain District security.

11. Responsible for analyzing and testing attack and penetration of Internet infrastructure and Web-based applications utilizing manual and automated tools.

12. Performs other duties as assigned within the scope of the qualifications.

Minimum Qualifications

Minimum: A Bachelor’s Degree in Computer Science, Information Security or related field.

Experience: Three (3) years of (full-time equivalent) verifiable professional experience in an Information Security Operations and/or design role, which must have included Cyber Intelligence, Cyber Defense, Digital Surveillance, or related experience.

Substitution: Additional professional experience as outlined above may be substituted for the education on a year-for-year basis. A college degree and information security related certification (s) and detailed hands-on network experience developing enterprise cyber security programs is highly preferred.

Other Requirements: Professional Certification such as CISSP, CISM, GSEC, GIAC, CEH, CPT are strongly preferred.

Knowledge of:
  • Network security design.
  • Transportation and Rail-specific security concerns. (SCADA, CBTC).
  • Advanced Threat Protection and Sandboxing solutions.
  • Detection/Prevention Systems: Anomaly-based, signature-based, and host-based.
  • Cybersecurity Standards, Practices & Solutions.
  • Related federal, state and local laws, codes and regulations.
  • Information security tools such as Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect, Nikto or similar.
  • Information Systems and Information Security which address organizational design, structure and administration practices, system development and maintenance procedures, system software and hardware controls, security and access controls, computer operations, environmental protection and detection, and backup and recovery procedures.
  • Information system architecture and security controls, such as firewall and border router configurations, operating systems configurations, wireless architectures, databases, specialized appliances and information security policies and procedures.
  • Modern 911 Dispatch Technology including PSAP 911, NG9-1-1, CLETS and related Relational Database Administration (DBA) in Oracle, SQL, or similar data systems.
  • Technical knowledge of Unix, Linux and Windows operating systems.
  • Technical knowledge of IDS/IPS, vulnerability assessment tools, remote access methodologies, log management tools, firewalls, cryptography and digital certificates.
  • Surveillance, Access Control and related Alarm Systems.
  • Methods and techniques of networking protocols and remote access.
  • Cyber security issues and impact, and can readily identify potential threats.
  • Unix shell prowess, scripting languages, regular expressions.
  • Programming languages such as Java, C, C++, C#, and .NET.
  • Industry Standards, eg, ISO 17799/27001, NIST Publications and other Industry Related Security Standards.

Skill in:
  • Performing manual techniques to exploit vulnerabilities in the OWASP top 10 including but not limited to cross-site Scripting, SQL injections, session hi-jacking and buffer overflows to obtain controlled access to target systems.
  • Performing network traffic forensic analysis, utilizing packet capturing software, to isolate malicious network behavior, inappropriate network use or identification of insecure network protocols.
  • TCP/IP Networking.
  • Managing interfaces between disparate alarm systems.
  • Monitoring Automatic Vehicle Location (AVL) equipment and statistics.
  • Analyzing and testing attack and penetration of Internet infrastructure and Web-based applications utilizing manual and automated tools.
  • Preparing clear and concise reports and documentation.
  • Executing troubleshooting tasks.
  • Application source code security review.
  • Communicating clearly and concisely, both orally and in writing.
  • Establishing and maintaining effective working relationships with those contacted in the course of work.
  • Creating training materials.
  • Training employees to maintain situational awareness.
  • Coordinating with District management, local law, enforcement and federal laws enforcement.


Selection Process

Applications will be screened to assure that minimum qualifications are met. Those applicants who meet minimum qualifications will then be referred to the hiring department for the completion of further selection processes.

The selection process for this position may include a skills/performance demonstration, a written examination, and a panel and/or individual interview.

The successful candidate must have an employment history demonstrating reliability and dependability; provide copies of certificates, diplomas or other documents as required by law, including those establishing his/her right to work in the U. S; pass a pre-employment medical examination which may include a drug and alcohol screen, and which is specific to the essential job functions and requirements. Pre-employment processing will also include a background check. (Does not apply to current full-time District employees unless specific job requires additional evaluations).

Application Process

External applicants may only apply online, at www.bart.gov/jobs. Applicants needing assistance with the online application process may receive additional information by calling (510) 464-6112.

Current employees are strongly encouraged to apply online, either at www.bart.gov/jobs, or on WebBART.

All applicants are asked to complete the application in full, indicating dates of employment, all positions held, hours worked, and a full description of duties. Online applicants are invited to electronically attach a resume to the application form to provide supplemental information, but should not consider the resume a substitute for the application form itself.

Applications must be complete by the closing date and time listed on the job announcement.

When you have successfully applied for this position you will receive an auto reply e-mail acknowledging that your application was received for this position. Please retain a copy of the e-mail for your records. If you receive an auto reply that does not specifically reference this position, please email Employment Help at employment@bart.gov for assistance.

To verify submission of your application, click on the 'My Career Tools' link at the top of the 'Careers Home Page' after submitting your application to view the list of applications you have submitted (including application date and status). If you have further questions, please email the Employment Help at employment@bart.gov , between the hours of 8:15am - 5:00pm, Monday- Friday.

Equal Employment Opportunity

The San Francisco Bay Area Rapid Transit District is an equal opportunity employer. Applicants shall not be discriminated against because of race, color, sex, sexual orientation, gender identity, gender expression, age (40 and above), religion, national origin (including language use restrictions), disability (mental and physical, including HIV and AIDS), ancestry, marital status, military status, veteran status, medical condition (cancer/genetic characteristics and information), or any protected category prohibited by local, state or federal laws.

The BART Human Resources Department will make reasonable efforts in the examination process to accommodate persons with disabilities or for religious reasons. Please advise the Human Resources Department of any special needs in advance of the examination by emailing at least 5 days before your examination date at employment@bart.gov .

Qualified veterans may be eligible to obtain additional veteran's credit in the selection process for this recruitment (effective Jan. 1, 2013). To obtain the credit, veterans must attach to the application a DD214 discharge document or proof of disability and complete/submit the Veteran's Preference Application no later than the closing date of the posting. For more information about this credit please go to the Veteran's Preference Policy and Application link at www.bart.gov/jobs.

Other Information

Please be prepared to present documentation in support of any required licenses, degrees, or certifications upon request.

Working Conditions

Environmental: Office environment; exposure to computer screens.

Physical Conditions: May require maintaining physical condition necessary for sitting for prolonged periods of time.

Job Address

Oakland, California United States View Map