Pittsburgh Regional Transit is seeking an Information Security Specialist to lead and maintain Information Security technical and human-centered initiatives for Port Authority of Allegheny County d/b/a Pittsburgh Regional Transit (PRT). Maintains policies, procedures, standards and documentation to assess, monitor, report, escalate and remediate IT risk and compliance issues. Evaluates business objectives, derive technical requirements and develops secure, reliable, and efficient security solutions for the business. Provides oversight regarding audit, regulatory and risk assessment activities across all IT functional areas. Implements mitigation strategies and approaches based on both audit and assessment feedback and management participation.

Essential Functions

• Support Information Security and Incident Response activities for PRT. o Develop, lead, and assist in human-centered information security awareness, training, informational campaigns, and other activities focused on ensuring that internal customers are well-prepared for Information Security risks. o In support of secure authentication environment, process password reset requests and further the implementation of single sign-on and self-service authentication management. o Monitor and analyze alerts to identify security issues for remediation. o Support the implementation of critical security controls as they relate to PCI/HIPPA and risk assessments.

Job Requirements

• High school diploma or GED. • Bachelor's degree in information security or related field from an accredited college or university. Related experience plus certifications may be substituted for education on a year-for-year basis. • Knowledge of information security standards (e.g., PCI/DSS, ISO 17799/27002, etc.), along with rules and regulations related to information security and data confidentiality. • Ability to develop and execute: o Information Security training (both live and recorded), o policies and standards, o and network penetration testing (and evaluation). • Ability to evaluate vulnerability assessments, risk analysis, contract review, management of gap remediation and compliance testing. • Strong analytical and problem-solving skills are necessary. • Strong documentation and organizational skills • Excellent written and verbal communication and inter-personal skills • Demonstrated ability in the use of Microsoft 365 platform. • Valid PA driver’s license.

Preferred Attributes

• Ability to employ risk identification/analysis of desktop, server, application, database, and overall network security principles. • CISSP, GSEC, GIAC, or other security certifications are desired (training for these can be provided by Authority, if necessary).

Salary

71500-107300/Year    

Apply   Back