Job description

Under the direction of the Director, Cybersecurity and Compliance, the Principal Cybersecurity Engineer is responsible for the overall security of information assets and technologies through the creation and support of preventative, detective, and corrective controls. Identifies, refines, and analyzes cyber-security data across a wide variety of sources to report against agreed upon key performance indicators measuring the efficacy of these controls. Works closely with IT operations and engineering teams to identify and remediate cyber-security issues and concerns. The Principal Cybersecurity Engineer may provide technical supervision over other IS Engineers, technical leadership and direction, technical responsibility for completion of major projects, and serves as a technical authority for one or more related specialties. Performs and reviews complex work involving analysis, planning, designing, implementation, maintenance, troubleshooting and enhancement of complex large systems or networks and the physical and logical components that integrate these systems together. Serves as a lead technical architect and systems integrator for large complex systems and networks. As a team member of SFO, you will embrace SFO’s core values and SFO’s Racial Equity Action Plan. You are excited about this opportunity because you will: • Document cyber-security standards, specifications, policies, processes, procedures, and industry recognized best practices for the design, implementation, testing, deployment, and maintenance of cyber-security controls that ensure the confidentiality, integrity, and availability of airport information, information systems, and operational technology. Ensure said documentation is aligned to and consistent with departmental directives, policies and regulations. Reviews said documentation prior to general distribution. • Establish and refine cyber security requirements for the development or enhancement of large complex systems and networks operating over dissimilar platforms and technologies that comprise the backbone of enterprise information and operational technology infrastructure. May involve harmonizing controls across different standards and frameworks including but not limited to the Payment Card Industry Data Security Standard, the National Institute of Standards and Technology Cyber Security Framework, and Department of Homeland Security Transportation Security Agency rules and regulations. • Design, implement and enhance the preventative, detective, and corrective cyber security controls that protect airport information, information systems, and operational technology. Provide problem determination, corrective measures and technical support for said controls to the programmers, business analysts, project managers, operations staff, technicians, administrators, end users and management team. Liaise and collaborate between different sections, divisions, departments and engineering peers to analyze, detect, identify, and resolve cyber-security and operational issues of high complexity and scope. • Plan, implement and maintain upgrades, updates, and fixes for enterprise systems and related cybersecurity components without adversely affecting the overall availability and reliability of said systems and networks. May be required to provide after-hours support for mission critical systems. Assist in the coordination and implementation of corrective measures while adhering to change control policies and practices. • Manage and test cyber security configurations for Linux and Microsoft Windows operating systems, CrowdStrike, Palo Alto Networks firewalls, Amazon Web Services, Microsoft Azure and Entra ID in both production and non-production environments. • Review cyber-security vulnerabilities, advisories, and alerts from a variety of sources; determines applicability to current and planned information systems and data, assesses potential impact to airport operations, and coordinates follow up activities based on the severity and exploitability of these vulnerabilities. Respond to cybersecurity incidents as directed. • Assist in the development of strategic plans to meet cyber-security and technology needs, May research and conduct feasibility studies for new hardware and software necessary to implement said plans. Make recommendations on these studies and provide cost and time allocation estimates for same. • Manage major projects to successfully meet schedule, budget, and scope. Work closely with vendors, contractors, technology stakeholders, and participate in technical committees and project delivery teams. May monitor, coordinate, and assist in developing technology budget. May direct and monitor technical support activities related to said activities. • May review and recommend personnel actions in areas of performance, evaluation, training, selection and disciplinary measures. Ensure that appropriate policies and procedures are followed by subordinates. May supervise, provide guidance for and participate in the work of subordinates. May supervise and coordinate the analysis, planning, installation, integration, maintenance, customization and enhancement of hardware and software for complex large systems or networks. • May include additional duties as assigned by the Airport's CIO and CISO. • Perform other functions outlined in the 1044 IS-Engineer Principal job classification

Requirements