Your success is a train ride away!

As we move America’s workforce toward the future, Amtrak connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is due to our employees.

 

Are you ready to join our team?

Our values of ‘Do the Right Thing, Excel Together and Put Customers First’ are at the heart of what matters most to us, and our Core Capabilities, ‘Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security’ are what every employee needs to know and do to be most impactful at Amtrak. By living the Amtrak values, focusing on our capabilities, and actively embracing and fostering diverse ideas, backgrounds, and perspectives, together we will honor our past and make Amtrak a company of the future.

 

SUMMARY OF DUTIES:

The Sr. Principal IT Security Analyst sets direction for enterprise wide security projects, strategies, and policies. The Sr. Principal IT Security Analyst develops, executes, and manages data system and network security across the enterprise. This position develops and implements security policies and procedures, security breach procedures, escalation procedures, security auditing procedures.
The Sr. Principal IT Security Analyst also performs security architecture reviews, prepares and presents status reports, metrics, and analysis on security matters to develop security risk analysis scenarios and response procedures.

 

ESSENTIAL FUNCTIONS:

• Sets direction for enterprise wide security projects, strategies and policies.
• Provides subject matter expertise and wide-scale security-related problem resolution.
• Develops, executing, managing, and assessing IT security across the enterprise; including architectural reviews and managing responses to high-level security issues.
• Oversees, developing, maintaining, and publishing, enterprise wide security standards, procedures and guidelines.
• Ensures local security standards align with international and national standards.
• Conducts and overseeing business impact analysis to ensure resources are adequately protected with proper security measures.
• Provides risk assessments and security briefings that advise on critical issues that may affect client or enterprise wide security.
• Conducts and reporting on internal investigations of possible security violations.
• Consults with clients on the data classification of their resources.
• Interfaces with business and IT leaders, communicating security issues, and responding to requests for assistance and information.
• Provides security support for enterprise wide application and infrastructure related projects. Identifies enterprise wide areas of risk to existing security standards and processes.
• Leads and respond to security incidents and investigations and targeting reviews of suspect areas. Consults on teams to resolve issues that are uncovered by various internal and 3rd party monitoring tools.
• Leading and reviewing application security risk assessments for new or updated internal or third-party applications.
• Defining metrics used for management status and statistical reports; analyzing reports and making recommendations for improvements.
• Presents security results to upper management and business units.
• Works with third party vendors during problem resolutions.
• Interfaces with third party vendors to evaluate new security products or as part of a security assessment process. Maintain contact with vendors regarding security system updates and technical support of security products. Select enterprise wide security hardware and software systems.
• Oversee the development of security awareness and compliance training programs; providing communication and training as needed.
• Provide technical expertise on the usage and administration of security tools that control and monitor information security.
• Effectively perform all IT Controls as applicable

MINIMUM QUALIFICATIONS:

• Bachelor’s Degree in related technical/business areas with relevant work experience required in business systems, development and/or support functions in order to satisfy education and experience requirements
• May require knowledge of one processes/services. Business experience should include assignments in one or more business and technical processes.
• Demonstrated experience in combined IT and security work.
• Some experience with information security.
• Proven ability creating and implementing enterprise-wide IT security strategies.
• Proven strong relationship management skills including the ability to maintain positive, productive, and cost-effective relationships with outside vendors.
• Proven experience tracking IT security trends externally and tracking IT security developments internally.
• Proven experience managing large amounts of information, including monitoring security risks, conducting security audits, monitoring security exceptions, assessing new systems for security risks, and synthesizing information in actionable and publishable reports.
• Proven experience managing large teams and large projects, with the ability to meet deadlines and stay under budget.
• Proven experience developing and implementing training programs, preferably centered on IT security.
• Requires in-depth knowledge of security issues, techniques, and implications across all existing computer platforms.
• Proven experience with a systems analysis, application development, database design and administration, and information security.
• Proven ability to lead internal security investigations.

PREFERRED QUALIFICATIONS:

9+ year’s relevant experience or 13+ years of relevant work experience required in business systems, development and/or support functions in order to satisfy education and experience requirements Advanced degree in Cyber Security, Information Assurance, Computer Science, Information Systems or other related field. CISSP certification required Must have excellent verbal and written communication skills.

WORK ENVIRONMENT:

• Work from home position.
• May require travel up to 25% of the time 
• Requires on-call status

COMMUNICATIONS AND INTERPERSONAL SKILLS:
Must have excellent oral and written communication skills.

 

The salary/hourly range is $149,400-$193,644, Pay is based on several factors including but not limited to education, work experience, certifications, internal equity, etc. Depending on an employee’s assigned worksite or location, Amtrak may consider a geo-pay differential to be applied to the employee’s base salary. Amtrak may offer additional incentive and pay programs to recognize and reward our employees, including a short-term incentive bonus based upon factors such as individual and company performance that is commensurate with the level of the position and/or long-term incentive plan compensation. In addition to your salary, Amtrak offers a comprehensive benefit package that includes health, dental, and vision plans; health savings accounts; wellness programs; flexible spending accounts; 401K retirement plan with employer match; life insurance; short and long term disability insurance; paid time off; back-up care; adoption assistance; surrogacy assistance; reimbursement of education expenses; Public Service Loan Forgiveness eligibility; Railroad Retirement sickness and retirement benefits; and rail pass privileges. Learn more about our benefits offerings here.

Requisition ID:165085

Work Arrangement:02-Remote Optional Click here for more information about work arrangements at Amtrak. 
Relocation Offered:No 
Travel Requirements:Up to 25% 

You power our progress through your performance.
 

We want your work at Amtrak to be more than a job. We want your career at Amtrak to be a fulfilling experience where you find challenging work, rewarding opportunities, respect among colleagues, and attractive compensation. Amtrak maintains a culture that values high performance and recognizes individual employee contributions. 

Amtrak is committed to a safe workplace free of drugs and alcohol. All Amtrak positions requires a pre-employment background check that includes prior employment verification, a criminal history check and a pre-employment drug screen. 

Candidates who test positive for marijuana will be disqualified, regardless of any state or local statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Amtrak's pre-employment drug testing program is administered in accordance with DOT regulations and applicable law.  

In accordance with DOT regulations (49 CFR § 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, the individual will not be permitted to perform safety-sensitive functions.

 

In accordance with federal law governing security checks of covered individuals for providers of public transportation (Title 6 U.S.C. §1143), Amtrak is required to screen applicants for any permanent or interim disqualifying criminal offenses. 

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race/color, to include traits historically associated with race, including but not limited to, hair texture and hairstyles such as braids, locks and twists, religion, sex (including pregnancy, childbirth and related conditions, such as lactation), national origin/ethnicity, disability (intellectual, mental and physical), veteran status, marital status, ancestry, sexual orientation, gender identity and gender expression, genetic information, citizenship or any other personal characteristics protected by law..