Cybersecurity Engineer Level 6
Job ID: 16458
Business Unit: MTA Headquarters
Location: New York, NY, United States
Regular/Temporary: Regular
Department: IT CISO
Date Posted: Jul 9, 2026
Description
JOB TITLE:
Cybersecurity Engineer Level 6
SALARY RANGE:
$128,041 - $174,177
DEPT/DIV:
Information Technology
SUPERVISOR:
CybSecOffMgr AccesMgmtIdentSec
LOCATION :
2 Broadway, New York, NY 10004
HOURS OF WORK:
9:00 am - 5:30 pm (7.5 hours/day) or as required
This position is eligible for telewor k ing, which is currently one day per week . New hires are eligible to apply 30 days after their effective date of hire.
Opening :
The Metropolitan Transportation Authority is North America's largest transportation network, serving a population of 15.3 million people across a 5,000-square-mile travel area surrounding New York City, Long Island, southeastern New York State, and Connecticut. The MTA network comprises the nation's largest bus fleet and more subway and commuter rail cars than all other U.S. transit systems combined. MTA strives to provide a safe and reliable commute, excellent customer service, and rewarding opportunities.
Job Summary :
The purpose of this position is to provide technical expertise in managing and analyzing cybersecurity risks. Cybersecurity Engineer will be responsible for designing, building, and maintaining infrastructure and application technology to support a secure cybersecurity posture. These include systems that support cybersecurity directly and/or the business operations for Information and Operational Technology disciplines. Secure building and configuration of systems (applications, infrastructure, wireless, carrier systems, cloud, operational technology, IOT, etc.) from the outset reduces risk to MTA. Specialized and focused skill sets in various technology domains assist with the overall risk reduction for the MTA. The configuration, hardening, guidance, response, and analysis of these systems aid in reduction and containment of Cyber Security risk. Risk assessments, data analytics tools, operational process reviews, and collaboration with security engineers, architects, developers, vendors, and business units are used to constantly improve the overall security of the MTA .
The position will have seven (7) levels (including an internship level) which will require a combination of progressive experience, accomplishments, responsibilities, and/or education and may perform all or some of the responsibilities listed below depending on level.
The responsibilities will include:
Researching emerging threats and vulnerabilities to aid in the identification of network incidents, and supporting the creation of new architecture, policies, standards, and guidance to address them
Knowledge and practical implementation of secure system configuration and hardening standards
Design, configure and integrate secure solutions in the technology domains assigned
Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis, system hardening, and recovery when necessary
Provides installation, system configuration, hardening, and optimization for infrastructure, application, and security components and systems such as servers, workstations, mobile devices, directory services, operating systems, middleware, IOT, web and next-generation firewalls, machine and human behavior learning tools, host-based security systems, security event and incident monitoring systems, virtual, physical, and cloud platforms.
Identifies configuration gaps independently and/or with vendors to reduce cybersecurity risks
Reviews alerts and data from sensors and documents formal, technical incident reports
Tests new systems and manages cybersecurity risks and remediation system testing, baseline, and best practices
Responds to computer security incidents according to the computer security incident response policy and procedures
Provides technical guidance to first responders for handling information security incidents
Provides timely and relevant updates to appropriate stakeholders and decision makers
Communicates investigation findings to relevant business units to help improve the information security posture
Validates and maintains incident response plans and processes to address potential threats
Compiles and analyzes data for management reporting and metrics
Monitors relevant information sources to stay up to date on current attacks and trends
Analyzes potential impact of new threats and communicates risks back to detection analyst, architect, technology SME, and management functions
Performs root-cause analysis to document findings, and participates in root-cause elimination activities as required
Uses judgment to form conclusions that may challenge conventional wisdom
Hypothesizes new threats and indicators of compromise
Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)
Identifies the tactics, techniques, and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.
The role will provide a proactive approach to cybersecurity while also performing investigations of security incidents related to MTA operations related to Cyber Security.
Responsibilities :
Serves as a technical resource for multiple components of the security architecture, risk analysis, and analytics to help define the problems and identify remediation strategies for them.
Troubleshoots and analyzes most problems within assigned area(s), providing cybersecurity correlation, expertise, and resolution that may be complicated by technology interdependency and challenging security issues
Participates in planning for the future technical architecture, providing insight into the future of their area of technology in order to continually improve effectiveness and efficiency.
Participates in or leads the development of roadmaps related to their area(s) of expertise to manage and meet identified technology needs.
Participates in the evaluation of new technologies relative to their domain(s) to determine applicability to and best meet the needs of MTA and constituent agencies.
Specifies the monitoring points to assess performance of technologies in their domain(s). Recommends the necessary actions to ensure optimal performance and reliability.
Develops disaster recovery and contingency plans for their domain(s) to provide users with minimal interruptions in service.
Provides technical leadership to project teams in their area of expertise to promote technical understanding and talent development and/or leads teams to complete projects when a project manager has not been assigned.
Contributes to the technical elements of RFPs and RFIs and negotiates with vendors on technical issues to ensure results are delivered in line with user and organization requirements.
Interacts with major providers at the technical expert level to address mission-critical issues, evaluates ongoing vendor service level, and enforces SLAs and penalties.
Performs other duties and tasks as assigned.
Observing the work performed by the contractor.
Reviewing invoices and approving them if the work meets contractual standards.
Addressing performance issues with the contractor when possible.
Escalating issues to other parties as needed.
Performs other duties as assigned
Complies with all policies and standards
May be required to work hours outside regular work hours, as applicable
Observes the work performed by contractors, as applicable
Reviews invoices and approves them if the work meets contractual standards, as applicable
Addresses performance issues with the contractor when possible, as applicable
Escalates issues to other parties when needed, as applicable
Qualifications :
Bachelor's Degree in Arts/Sciences (BA/BS) and minimum 8 years of relevant experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.) is required.
Bachelor's Degree in Arts/Sciences (BA/BS) in Computer Science or related fields is preferred.
Licenses & Certifications:
Certified Information Security Professional (CISSP) Upon Hire Required or
Global Information Assurance Certification (GIAC) Upon Hire Required or
Certified Information Security Manager (CISM) Upon Hire Required or
Certified in Risk and Information Systems Control (CRISC) Upon Hire Required or
Certified Information Systems Auditor (CISA) Upon Hire Required or
O ther related certification(s) Upon Hire Required
Required Knowledge, Skills , and Abilities :
Verifiable implementation of security domain controls for enterprise technologies
Requires seasoned expertise in multiple technologies and strong understanding of the current and future technology architecture, including the interoperability of technologies.
Advanced ability to conduct and analyze a security risk assessment
Expert understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies (OSI Layers 5-7).
Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
Competencies :
Core Competency
Proficiency Level
Competency Definition
Cultivates Innovation
Adept
Creating new and better ways for the organization to be successful
Customer Focus
Adept
Building strong customer relationships and delivering customer-centric solutions
Communicates Effectively
Expert
Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
Tech Savvy
Advanced
Anticipating and adopting innovations in business-building digital and technology applications
Technical Skills
Advanced
Specialized knowledge and expertise on tools, programs, domains, platforms, and products used for specific tasks
Values Diversity
Advanced
Recognizing the value that different perspectives and cultures bring to an organization
Collaborates
Advanced
Building partnerships and working collaboratively with others to meet shared objectives
Other Information :
Pursuant to the New York State Public Officers Law & the MTA Code of Ethics, all employees who hold a policymaking position must file an Annual Statement of Financial Disclosure (FDS) with the NYS Commission on Ethics and Lobbying in Government (the "Commission").
Equal Employment Opportunity :
MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.
The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.