The Orange County Transportation Authority (OCTA) is the county’s primary transportation agency. OCTA creates, funds and delivers efficient transportation for Orange County. We keep Orange County moving with extensive bus and paratransit service, Metrolink commuter rail service, the 91 Express Lanes Toll Road, motorist services and freeway, street and road improvement projects. OCTA began in in 1991 with the consolidation of seven separate transportation agencies. OCTA is dedicated to its organizational mission and core values. OCTA’s mission is to develop and deliver transportation solutions to enhance quality of life and keep Orange County moving. OCTA’s core values consist of integrity, teamwork, communication, customer focus, and can-do spirit.
Under general direction, leads and manages staff that is responsible for information security policy development and the maintenance and design of security policy education, training, and awareness activities. Defines, documents, and implements cybersecurity strategies, architectures, and procedures, and verifies that voice and data computing infrastructure is properly protected from internal and external threats. Aids teams during processes design to ensure a secure environment and compliance with applicable law. Coordinates, investigates and reports on cyber security incidents. Leads and manages various cybersecurity analysts.
This is an exempt position in Salary Grade U: Min $104,166.40– Mid $129,563.20– Max $154,960.00 per year. The starting salary will be within this range based on qualifications.
The application deadline for this position is Tuesday, March 6, 2018.
This list is intended to indicate the general nature and level of work performed by employees within this classification and is not designed to be interpreted as an exhaustive listing of all tasks required of employees assigned to this job.
•Leads, develops and implements strategies to balance security recommendations with business needs; defines solutions that balance both business and security requirements.
•Develop and manage cybersecurity budget and staff.
•Develop scopes of work and manage projects from conception through procurement and execution.
•Defines global security policies, standards, guidelines and procedures to ensure on-going maintenance of security.
•Conducts information security risk assessments and risk management services, providing security risk evaluation, mitigation, and solutions to projects and initiatives.
•Performs security audits of off-the-shelf and custom applications and infrastructure.
•Stays abreast of industry best practices in risk management techniques and integrates new methods and tools as appropriate.
•Monitors vendor and third party security reports/lists in assisting staff in proactively applying security patches.
•Provides in-depth support for information security incidents including internal violations, hacker attacks, and malware. Assists with the investigation of security breaches, policy violations, and other security incidents.
•Identifies methods to enhance existing security services. Researches, designs, schedules, and implements new security technologies into the current operating environment.
•Manages and conducts the agencies Cyber-security training program.
Any combination of education and experience equivalent to a bachelor’s degree in Computer Science, Mathematics or Business, with a minimum of approximately five years related computer security analysis experience in business and accounting environments; two of which are at the journey level in computer security analysis in business and accounting environments and three years of experience in management. Hands on experience with various network security services. A current and/or previously held security related certifications is required (e.g., CISM, CISSP, CISA, GSNA, GSAE).
•Security practices on current releases of Windows server, Windows desktop, Linux, and HP/UX server operating systems.
•Cloud and wireless security.
•Project Management fundamentals.
•Security issues affecting Industrial Control Systems.
•Remote access protocols.
•Security practices on current releases of VMware, ESX, and Citrix XenServer Hypervisors.
•Anti-virus tools, specifically Microsoft Forefront and Cisco FireAMP.
•Network Segmentation Processes and tools.
•Cisco switches and routers.
•Patch management tools, specifically Microsoft System Center Configuration Manager.
•Familiarity with Citrix VPX AccessGateway Server.
•Internet filtering tools, specifically Websense.
•HIPAA, and PCI security requirements.
•Intrusion detection/prevention systems.
•Innovate and bring new visionary ideas that add value to the agency.
•Lead team and obtain user involvement for projects.
•Define, analyze, and develop security solutions.
•Develop and prepare effective documentation covering system security, policies, and procedures.
•Work in a multi-disciplinary team.
•Develop and implement long range security management solutions.
•Adapt to technological advancements within the industry.
Working Conditions/Physical Activities:
(The physical demands described are representative of those that must be met by the employee to successfully perform the essential functions of this job. OCTA provides reasonable accommodation to enable individuals with disabilities to perform the essential functions.)
Positions in this class typically require:
•Work may be performed in a stressful, fast-paced office environment, depending upon assignment.
•Requires ability to understand verbal communication and to respond effectively.
•Positions in this class typically require: Reaching, Fingering, Grasping, Feeling, Talking, Hearing, Seeing, and Repetitive Motions in computer use.
Compensation and Benefits:
OCTA offers an attractive compensation and benefits package. The specific features of this package include: medical, dental and vision insurance; retirement; vacation and holiday pay; life insurance; deferred compensation plan; short-term and long-term disability plans; flexible spending accounts; educational reimbursement; ergonomic/wellness programs; flex-time schedule. Salary is dependent upon qualifications.
The above statements are intended to indicate the general nature and level of work performed by employees within this classification. They are not designed to contain or be interpreted as an exhaustive list of all duties, responsibilities, skills, and qualifications required of employees assigned to this job.
OCTA is an equal opportunity and affirmative action employer and ensures that all qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability or veteran status.