More jobs:
Assistant Director, Business Information Security Officer
Job in
Los Angeles, Los Angeles County, California, 90017, USA
Listed on 2026-07-07
Listing for:
MetroLINK
Full Time
position Listed on 2026-07-07
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, IT Consultant
Job Description & How to Apply Below
Assistant Director (Various) Working/Posting
Title:
Assistant Director, Business Information Security Officer PURPOSE OF POSITION The Southern California Regional Rail Authority (SCRRA), operator of the METROLINK Commuter Rail System, is seeking a Assistant Director, Business Information Security Officer (BISO) who will understand the key assets and processes, define and evolve cybersecurity strategy, identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary.
Additionally, the Assistant Director, BISO will ensure business compliance with Information Security Policies and Standards while continuously monitoring and reporting on risks and documented exceptions. The Assistant Director, BISO helps the business achieve their objectives while not compromising the security posture. The Assistant Director, BISO will work under the general direction of SCRRA’s Chief Technology Officer, and the position will collaborate with internal and external auditors to ensure compliance with SCRRA’s cyber security procedures and industry standards.
DISTINGUISHING CHARACTERISTICS This job description is not part of a job series. SUPERVISION EXERCISED AND RECEIVED Receive general oversight from executive level management. This position will have no direct reports. The duties listed below are intended to describe the general nature and level of work being performed and are not to be interpreted as an exhaustive list of responsibilities. Lead, develop, and implement SCRRA-wide or large-scale business unit information and operational technology security strategies, programs, plans, programs, policies, and procedures designed to protect the integrity and security of the SCRRA network, data resources, operations, and other information assets in accordance with SCRRA policies and industry standards.
Develop and maintain in-depth understanding of region/business unit processes, systems, technologies, data, customers, consumers, partners. Evaluate the overall technology portfolio for adherence to security policies and procedures for all SCRRA corporate and operational systems (e.g. positive train control (PTC)). Coordinate auditing and compliance and certification requirements. Leads cyber security training program for the agency, consumers, and partners as needed. Act as the key security resource for IT leadership and the IDTS Business Partners and other local personnel.
Partner with all Departments to achieve effective working relationships that can further the effectiveness of the Security program. Lead development of the Information Security Policies and Standards throughout the agency. Lead implementation of cyber security solutions required to meet business objectives. Review and audit technical implementations of physical security solutions required to meet business objectives. Lead information security operations in partnership with all departments.
Proactively identify noncompliance and areas of potential improvement, and issue corrective actions to department manager. Engage with clients and customers as needed to assist the business to achieve its objectives by representing our security program, supporting internal and external audits, assisting in customer communication of security incident, etc.). Participate in region/business unit related conferences, client facing engagement, industry forums to represent the Cyber Security program.
Provide regular and timely reporting on the status of cyber security throughout the agency. Provide escalation path for security issues, incidents and inquiries. Review work of the Security Incident Response and Crisis Management teams to ensure the effective driving of incidents to acceptable resolution; assist with investigations as needed. Provide Cyber Security Guidance for agency personnel. Drive remediation activities throughout the agency.
Work with the Compliance and Information Risk Management team to drive policy and regulatory compliance. Responsible for the PCI-DSS annual compliance submission requirement and develop monitoring program to ensure SCRRA is PCI compliant. The…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×