Turnpike Industrial Park Building, Eastern Regional Office, Western Regional Office
2850 Turnpike Industrial Drive, Flinthill Road, North Center Avenue
Middletown, King of Prussia, New Stanton
Building Zip Code:
17057, 19406, 15672
* This position may be located at one of the Pennsylvania Turnpike Commission's offices: Turnpike Industrial Park Building (Middletown), Eastern Regional Office (King of Prussia) or Western Regional Office (New Stanton).
This position may be eligible for partial telework and alternate work schedule programs. The Information Technology Department is currently operating in a remote and hybrid environment due to the pandemic. The Pennsylvania Turnpike Commission is assessing future programs in a post-pandemic environment.
The Pennsylvania Turnpike Commission, opened on October 1, 1940, is known as “America’s First Superhighway”! Our mission is to operate a safe, reliable, customer-valued toll road system that supports national mobility and commerce. The PTC operates a 552-mile system used by 192 million vehicles a year. Together, we are building the highway of the future.
Job Purpose and Summary
This position is responsible for managing the efforts of highly skilled technical staff responsible for securing the enterprise information systems, networks, communications, and other technologies that support the operations of the Pennsylvania Turnpike Commission (PTC). Work is performed with considerable independence and reviewed for attainment of program goals and overall performance. Supervision is exercised over internal and external professional staff responsible for securing PTC systems and data.
Essential Functions & Responsibilities
Manages lower-level staff involved in the administration and support of the organization’s network and application security. Provides technical supervision and guidance. Manage internal/external staff functions including delegation of work assignments and review of work product, staff performance evaluation, goal settings, and mentoring.
Manages the design and implementation of complex network security enhancements, systems, architecture, and platforms. Reviews existing and proposed enterprise security architecture. Identifies security design gaps and makes recommendations for changes or enhancements.
Reviews technology projects led by other groups to verify that they meet security standards and requirements. Identifies security design gaps and makes recommendations for changes or enhancements.
Coordinates with other IT units to perform regular vulnerability testing, risk analysis and IT security assessments periodically or as needed. Identifies and/or anticipates threats and/or weaknesses. Communicates current or emerging security threats to the Information Security Officer quickly and effectively. Manages security tabletop exercises as part of Continuity of Operations Planning (COOP).
Manages daily operational and infrastructure support of all security-related systems. Manages the design, deployment, and support of internet-facing systems and business partner communications solutions.
Manages daily operational and program support for all security threat analysis/prevention activities, the IT Security Third Party Risk Program, and IT Security code scanning requirements.
Conducts incident response analysis and provides post-event analysis. Monitors key performance indicators for incident and request resolution in ServiceNow. Assign tickets to staff as needed.
Manages cybersecurity awareness and training programs including, annual training requirements, regular phishing tests, cybersecurity monthly programs, and application of the discipline process outlined in the IT Security Awareness Training Standard.
Manages the design and implementation of IT program controls and implementation including asset identification, development of security templates, and the performance of device audits.
Acts as a first responder for security-oriented problems. Mobilizes teams to initiate corrective action when a security event is reported or detected. Acts as incident commander if the Director is not available.
Reviews and approves short/long-range strategic plans and the operational/capital budgets for the security and incident response environments.
Reviews and approves requests for proposals (RFPs) for security related services/systems. Evaluates proposals and makes recommendations. Oversees and monitors contract performance. Ensures specifications and statements of work (SOWs) are met to ensure the efficient and cost-effective delivery of services.
Maintains superior technical knowledge of the PTC’s security environment and tools including an in-depth understanding of future directions and technologies related to unit.
Coordinates with various departments and managers to ensure compliance with the PTC security and risk program is achieved and maintained.
Participates in meetings to provide guidance, subject matter expertise and recommendations. Researches and maintains a thorough understanding of the latest security standards, systems, products, practices and protocols.
Uses situational awareness to anticipate and prevent accidents.
Performs related duties as assigned.
Equivalent combination of education and/or experience may be accepted. Five (5) of the years of experience must be in a supervisory capacity.
The selected candidate will be offered an exceptional benefits package which includes comprehensive medical, dental, vision and prescription coverage, along with a benefit plan for retirement. In addition, leave programs, tuition reimbursement, employee assistance program, and alternative work schedules are available to employees.
Interested candidates may apply to the Cyber Security Manager posting by visiting careers.paturnpike.com by September 28, 2021.
The Pennsylvania Turnpike Commission is an equal opportunity employer. We value diversity and are committed to creating an inclusive environment for all employees. If you need assistance or an accommodation due to a disability, you may contact the Human Resources Department by calling 717-831-7378.
Bachelor’s degree in computer science, information systems or electronic engineering. Equivalent combination of education and/or experience may be accepted.
Possession of CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), CCNP (Cisco Certified Network Professional), CCND (Cisco Certified Network Designer) or CCSP (Cisco Certified Security Professional) credentials are preferred. Possession of a valid driver’s license. Must obtain and maintain a valid Pennsylvania driver’s license within six (6) months of employment.
Eight (8) years of experience in information security engineering/architecture and cyber security incident response. Equivalent combination of education and/or experience may be accepted. Five (5) of the years of experience must be in a supervisory capacity.
The Pennsylvania Turnpike Commission (PTC) is a premiere transportation organization whose mission is to responsibly operate and manage a safe, reliable and efficient toll road system, serve as a transportation services leader and foster innovation to better serve our customers. Opened since October 1, 1940, the PTC operates a 552-mile system used by 194 million vehicles a year.