"Alerted.org


  • Manager of Cybersecurity Operations Center

    Port Authority of New York and New Jersey (Jersey City, NJ)




    Description

    The Cybersecurity Operations Center Manager is responsible for overseeing the day-to-day operations of the Cybersecurity Operations Center, (CSOC), managing vendor performance, and ensuring compliance with agency cybersecurity policies and contractual obligations.

     

    This role involves developing and executing continuous monitoring programs, leading incident response efforts, and optimizing security operations through automation and improved processes. The CSOC Manager will also ensure the effective integration of security monitoring tools and provide regular cybersecurity metrics and reporting to senior leadership.

    Position within the Organization:

    Reporting to the Chief Information Security Officer (CISO), the CSOC Manager will lead the CSOC team, collaborate with internal stakeholders and external vendors, and ensure the organization’s cybersecurity operations are aligned with best practices, regulatory requirements, and the overall security strategy.

    Responsibilities

    Contract Management and Vendor Supervision:

    + Provide contract management and supervision for the operations of the 24 x 7 Cyber Security Operations Center (CSOC) to ensure compliance with agency expectations.

    + Ensure that the staffing contractor adheres to the scope of work, delivering services on schedule and within budget.

    Policy and Procedure Management:

    + Maintain the currency of policies, procedures, standards, and playbooks used to deliver services necessary for continuous monitoring of the organization's information and operating technology systems.

    + Focus on protecting the confidentiality, integrity, and availability of information systems.

    Continuous Monitoring Program Development:

    + Oversee third-party Cybersecurity Operations Center (CSOC) vendor performance to ensure SLAs and KPIs are met.

    + Develop and execute the continuous monitoring program, aligning with the NIST Cybersecurity Framework.

    Incident Response Capability:

    + Establish, maintain, and exercise an enterprise-wide 24x7 incident response capability.

    + Develop incident response policies, procedures, and services to investigate and contain cyber incidents impacting business information and industrial control systems.

    + Ensure incident response capability aligns with the NIST Cybersecurity Risk Framework.

    Cyber Risk Assessment Guidance:

    + Provide guidance to line department staff performing cyber risk assessments, including threat workshops, threat scenarios, and risk scenarios.

    Forensic Investigations:

    + Serve as the principal forensic technical investigator for cyber incidents.

    Solution Design and Implementation:

    + Design and implement solutions for monitoring and responding to cyber threats and incidents.

    Collaboration with OIG and PAPD:

    + Establish operational relationships with the Office of the Inspector General (OIG) for investigating cyber incidents.

    + Establish operational relationships with PAPD for investigating cyber crime that occurs outside of the area of responsibility of the OIG.

    Additional Responsibilities:

    Vendor and Performance Management:

    + Manage vendor relationships to ensure services align with agency requirements and industry best practices.

    + Conduct reviews, audits, and identify areas for improvement while ensuring compliance with contractual obligations.

    Cybersecurity Threat Intelligence Management:

    + Develop and manage threat intelligence programs, integrating external threat intelligence sources and internal findings.

    + Collaborate with government agencies, industry groups, and private-sector organizations to stay informed about emerging threats and vulnerabilities.

    + Ensure effective sharing and dissemination of relevant threat intelligence within the organization.

    Security Operations and Automation:

    + Continuously evaluate and improve security operations, leveraging automation tools to enhance threat detection, incident response, and operational efficiency.

    + Identify opportunities for process optimization through automation and advanced analytics.

    Security Monitoring, Incident Detection & Threat Hunting:

    + Ensure proper integration of security monitoring tools (SIEM, IDS/IPS, Endpoint Detection and Response, etc.) to identify threats and vulnerabilities across the environment.

    + Monitor, review, and validate cyber alerts to assess the level of risk, ensuring timely detection and escalation.

    + Proactively look for emerging threats throughout the environment.

    Cybersecurity Metrics and Reporting:

    + Develop and implement reporting frameworks to track key cybersecurity metrics (incident response times, threats detected, vulnerabilities, etc.).

    + Provide regular reports to senior leadership on the status of cybersecurity operations, incidents, trends, and effectiveness of strategies.

    Team Leadership and Development:

    + Lead and mentor internal cybersecurity staff, ensuring high levels of skill development, training, and career progression.

    + Work with HR to recruit, hire, and retain skilled cybersecurity personnel as needed.

    + Foster a culture of cybersecurity awareness, collaboration, and continuous improvement.

    Compliance and Regulatory Management:

    + Ensure cybersecurity operations comply with relevant regulations (e.g., NIST, GDPR, HIPAA, PCI, FISMA).

    + Participate in periodic audits and assessments to verify the organization’s cybersecurity posture aligns with regulatory requirements.

    + Support external audits and assessments of the organization’s cybersecurity posture.

    Business Continuity and Disaster Recovery:

    + Collaborate with IT and business continuity teams to ensure incident response plans are integrated with disaster recovery and business continuity planning.

    + Participate in tabletop exercises and simulations to test the readiness of the incident response team and improve procedures.

    Risk Management and Vulnerability Management:

    + Support proactive vulnerability management, ensuring vulnerabilities are assessed, prioritized, and remediated in a timely manner.

    + Assist in risk assessments to evaluate and prioritize cybersecurity risks across the agency.

    + Provide guidance on implementing risk mitigation strategies to reduce overall cybersecurity risk.

    Change Management and Security Architecture:

    + Work with IT teams to ensure changes to the network and systems are reviewed for potential cybersecurity impacts.

    + Advise on security requirements and contribute to the design of secure system architectures and solutions.

    Collaboration and Incident Coordination:

    + Serve as the Incident Commander for cybersecurity incidents, coordinating with departments and external partners (e.g., law enforcement, government agencies).

    + Coordinate and lead cross-functional teams during cyber incidents, ensuring proper communication, containment, remediation, and reporting.

    Stay abreast of emerging and evolving cybersecurity threats

    + Actively seek out new information on emerging cyber threats.

    + Maintain a level of awareness of cyber threats in order to proactively anticipate and prevent them by staying ahead of the curve.

    + Use threat intelligence sources, briefings, industry forums and other information sources to stay informed.

    Minimum Qualifications:

    + A minimum of 10 years of experience in managing a Cybersecurity Operations Center (CSOC) or a security operations team.

    + Strong knowledge of the NIST Cybersecurity Framework, incident response, threat hunting, and risk management practices.

    + Familiarity with SIEM platforms, IDS/IPS, endpoint protection, and other cybersecurity monitoring tools.

    + Strong knowledge of the FEMA Incident Command System (ICS) and the ability to lead an ICS-based incident response.

    + Experience in vendor management, contract negotiation, and performance monitoring.

    + Strong leadership and interpersonal skills, with the ability to lead and motivate teams effectively.

    + Excellent communication and presentation skills, with the ability to communicate complex security topics to non-technical stakeholders.

    Desired Qualifications

    + Certifications in the Incident Command System (ICS) are highly desirable.

    + Professional certifications such as CISSP, CISM, CISA, or similar certifications are highly desirable.

    + Experience with incident response tools, forensic investigation techniques, and malware analysis.

     

    Selection Process

     

    The application process varies by position, but typically includes an initial phone interview for qualified candidates, followed by a more in-depth interview(s) and/or assessment(s). Selected candidates who are made a conditional job offer will be asked to undergo a background check.

     

    Compensation & Benefits

     

    The Port Authority of New York and New Jersey offers a competitive benefits package, hybrid work options for many positions, and a professional environment that supports development and recognizes achievement.

     

    Click here (https://www.jointheportauthority.com/pages/working-here) for more information about benefits, our culture, and career development opportunities.

    REQNUMBER: 63584



© 2025 Alerted.org