To establish, maintain, and improve the security of information technology assets owned by the Authority. Protects computer resources from malicious, accidental or unauthorized access from the public Internet. Identifies, drafts, implements and enforces information security policies and procedures that assure the security and integrity of information assets of the Authority. Provides central administration of Internet related corporate responsibilities by registering and maintaining domain names, Internet IP addresses, etc. Provides secure data communications with banks, police, consultants, vendors, and employees.
Essential Tasks of the Job
Performs security related tasks.
1. Manages and maintains Massport network enterprise perimeter security.
2. Defines and refines firewall policies to industry best practice and corporate guidelines.
3. Develops, implements and maintains network intrusion detection strategies.
4. Provides ongoing analysis of systems/network vulnerability to possible intrusions.
5. Works with outside consultants as appropriate for independent security risk and vulnerability assessments.
6. Monitors vendor and 3rd party security bulletins and takes appropriate actions.
7. Monitors security logs and produces security related reports.
8. Coordinate with company CSO to implement or investigate security initiatives and issues.
9. Assists in User community education of corporate security procedures and policies.
Performs system and network related tasks.
1. Provides strategic direction and operational planning of the computing and network environments.
2. Analyzes new and emerging products and technologies and makes recommendations to senior management.
3. Provides oversight, analysis and technical knowledge of computer networks and systems.
4. Oversees network software and hardware research initiatives.
5. Reviews information technology plans and proposals to validate design objectives.
6. Determines operational, technical, and support requirements for the installation, operation, and maintenance of data communications networks and networked systems.
7. Provides decision-making and problem solving for planning and design sessions, projects and operational activities.
8. Provides project management or system implementation services for network-related projects, including: writing Requests For Proposal; meeting with vendors; evaluating proposals; participation in vendor selection; project monitoring and reporting.
9. Monitors critical computing and network resources in conjunction with Systems and Network Administrators.
10. Repairs and/or evaluates issues with the responsible System or Network Administrator.
11. Manages assigned staff including: assigns work duties as appropriate; develops and implements work standards; performance management; train and/or provide for training of staff.
12. Provides IT forensics and system level evaluations for the Human Resources Department, Legal Department, and Internal Audit Department during discovery or misconduct investigations.
SECONDARY JOB TASKS:
Manages all Security Sensitive Information ("SSI") for the Department.
Will safeguard all SSI in accordance with 49 CFR Parts 15 and 1520 and supporting Massport policies and procedures.
Serves as the Departmental liaison to the Corporate Security and Legal Departments on the management of SSI.
Periodically monitors department documents to ensure implementation of policies regarding the marking, custody, creation, management and destruction of SSI.
Trains all Departmental staff on the procedures to manage SSI.
Manages the procurement of necessary containers for the storage of SSI material and manages the destruction and necessary record keeping for all SSI.
Represents the Department at all Massport meetings relating to the management of SSI.
Performs other duties as directed by the Director, Information Technology.
Job Requirements and Qualifications
EDUCATION: Bachelor's degree in Computer Science or Management Information Systems or equivalent professional experience required.
EXPERIENCE: 7 years related work experience in the design, implementation, maintenance and security of an enterprise class data network required. Requires a strong background in system or network administration. Work experience to have included management of other persons required.
1. Strong working knowledge of computer networking and Internet operations.
2. Extensive knowledge of computer systems, network principles, concepts, and methodologies.
3. Strong ability to apply learned concepts and/or theories as necessary to accomplish a broad range of activities.
4. Ability to pass a Massport controlled substance test, and background security check.
WORK SCHEDULE: Ability to work 37.5 hours per week and ability to meet fluctuating workload demands as necessary.