10 days old

Sr Principal IT Security Analyst - 90165475 - Washington

Washington, DC 20004

Your success is a train ride away.

Amtrak connects businesses and communities across the country and we move Americas workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority and the success of our railroad is the result of our employees.

Are you ready to join our team?

The Sr. Principal IT Security Analyst assists with setting direction for enterprise-wide security projects, strategies, and policies. The Sr. Principal IT Security Analyst develops, executes, and manages data system and network security across the enterprise. This position develops and implements security policies and procedures, security breach procedures, escalation procedures, security auditing procedures. The Sr. Principal IT Security Analyst also prepares and presents status reports, metrics, and analysis on security matters to develop security risk analysis scenarios and response procedures.

Aids with setting direction for enterprise wide security projects, strategies and policies.
Provides subject matter expertise and wide-scale security-related problem resolution.
Develops, executes, manages, and assess IT security across the enterprise; including architectural reviews and managing responses to high-level security issues.
Oversees, develops, maintains, and publishes, enterprise wide security standards, procedures and guidelines.
Conducts and oversees business impact analysis to ensure resources are adequately protected with proper security measures.
Provides risk assessments and security briefings that advise on critical issues that may affect client or enterprise wide security.
Conducts and reports on internal investigations of possible security violations.
Interfaces with business and IT leaders, communicates security issues, and responds to requests for assistance and information.
Provides security support for enterprise wide application and infrastructure related projects. Identifies enterprise-wide areas of risk to existing security standards and processes.
Leads and respond to security incidents and investigations and targeting reviews of suspect areas. Collaboratively consults to resolve issues that are uncovered by various internal and 3rd party monitoring tools.
Reviewing application security risk assessments for new or updated internal or third-party applications.
Defining metrics used for management status and statistical reports; analyzing reports and making recommendations for improvements.
Presents security results to upper management and business units.
Interfaces with third party vendors to evaluate new security products or as part of a security assessment process. Maintains contact with vendors as needed for incident response activities. Select enterprise-wide security hardware and software systems.
Provide technical expertise on the usage and administration of security tools that control and monitor information security.
Effectively perform all IT Controls as applicable

Must have excellent verbal and written communication skills

Bachelors Degree in related technical/business areas plus 9+ years relevant experience or 13+ years of relevant work experience required in business systems, development and/or support functions in order to satisfy education and experience requirements
7 to 10 years of relevant technical experience.
Demonstrated experience with Incident Handling / Incident Response
Demonstrated experience in combined Information Technology and Cybersecurity work.

Proven ability creating and implementing enterprise-wide IT security strategies.
Proven strong relationship management skills including the ability to maintain positive, productive, and cost-effective relationships with outside vendors.
Proven experience tracking IT security trends externally and tracking IT security developments internally.
Proven experience managing large amounts of information, including monitoring security risks, conducting security audits, monitoring security exceptions, assessing new systems for security risks, and synthesizing information in actionable and publishable reports.
Proven experience managing large teams and large projects, with the ability to meet deadlines and stay under budget.
Requires in-depth knowledge of security issues, techniques, and implications across all existing computer platforms.
Proven experience with a systems and application analysis, and information security.
Proven ability to lead internal security investigations.

11 years relevant experience
Advanced degree in Cybersecurity, Information Assurance, Computer Science, Information Systems or another related field.
(ISC)2 Certified Information Systems Security Professional (CISSP)


Must have excellent oral and written communication skills.

Requisition ID:53706
Posting Location(s):District of Columbia
Job Family/Function:Information Technology
Relocation Offered:No
Travel Requirements:Up to 25%

Amtrak employees power our progress through their performance.

We want your work at Amtrak to be more than a job we want it to be a fulfilling experience where you find challenging and rewarding opportunities, respect among colleagues, competitive pay, benefits that protect you and your family, and a high performance culture that recognizes and values your contributions and helps you reach your career goals.

We proudly support and encourage U.S. Veterans to apply for Amtrak job opportunities.

All positions require pre-employment background verification, medical review and pre-employment drug screen. Amtrak is committed to a safe and drug-free workplace and performs pre-employment substance abuse testing. All new hires are required to undergo a hair drug test which detects the presence of illegal drugs for months prior to testing.Marijuana,notwithstanding any statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession ofmarijuana, whether for medical, recreational, or other use. Candidates who engage in the usage ofmarijuanawillnotbe qualified for hire.We appreciate your cooperation in keeping Amtrak safe and drug-free.

In accordance with DOT regulations (49 CFR section 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety- sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, he/she will not permitted to perform safety-sensitive functions.

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an Affirmative Action/Equal Opportunity Employer and we welcome all to apply. We consider candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability (including blindness), or veteran status.

POSTING NOTES: Information Technology|| Information Technology



  • Transportation
Posted: 2021-07-15 Expires: 2021-08-19

Amtrak, the national rail operator, connects America in safer, greener and healthier ways. With 21,000 route miles in 46 states, the District of Columbia and three Canadian provinces, Amtrak operates more than 300 trains each day — at speeds up to 150 mph — to more than 500 destinations. Amtrak is the operator of choice for state-supported corridor services in 17 states and for four commuter rail agencies.

Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr Principal IT Security Analyst - 90165475 - Washington

Washington, DC 20004

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast