Principal Cyber Security Engineer

Marketing Statement

Ride BART to a satisfying career that lets you both:
1) make a difference to Bay Area residents, and
2) enjoy excellent pay, benefits, and employment stability. BART is looking for people who like to be challenged, work in a fast‑paced environment, and have a passion for connecting riders to work, school and other places they need to go. BART offers a competitive salary, comprehensive health benefits, paid time off, and the CalPERS retirement program.

Pay Rate Non Rep Pay Grade E08
Annual Salary Rate: $ annually (minimum) – $ annually (maximum)
The negotiable starting salary will be between $ annually – $ annually, commensurate with education and experience.

Reports To Manager of Cyber Security or designee

Current Assignment San Francisco Bay Area Rapid Transit (BART) is seeking to fill a Principal Cyber Security Engineer position in the Office of the Chief Information Officer (OCIO).

The Principal Cyber Security Engineer will be responsible for developing and implementing comprehensive security strategies for Operational Technology (OT) infrastructure, including Enterprise Systems, SCADA systems, and custom internal applications.

• Design and enforce security policies and protocols to protect OT infrastructure from cyber threats.
• Conduct risk assessments and vulnerability analyses on Enterprise Systems and SCADA environments.
• Collaborate with IT and OT teams to ensure seamless integration of security measures across all platforms.
• Monitor and respond to security incidents, ensuring rapid resolution and compliance with industry standards.
• Develop and deliver training programs to enhance security awareness among staff and stakeholders.
• Stay updated on emerging threats and technologies, providing recommendations for continuous improvement of security posture.

• Cyber Security
  
  Certifications:
  
  Relevant certifications such as CISSP, CISM, or CEH.
• Operational Technology
  
  Experience:
  
  Extensive knowledge of securing SCADA systems and Enterprise Networks.
• Custom Application Security:
  Proficiency in assessing and securing custom internal applications against potential vulnerabilities.
• Incident Response Expertise:
  Strong background in incident response planning and execution within OT environments.
• Regulatory Compliance Knowledge:
  Familiarity with industry regulations and standards relevant to cyber security in operational technology.

Applications will be screened to assure that minimum qualifications are met. Those applicants who meet minimum qualifications will then be referred to the hiring department for the completion of further selection processes.

The selection process for this position may include a skills/performance demonstration, a written examination, and a panel and/or individual interview.

The successful candidate must have an employment history demonstrating reliability and dependability; provide copies of certificates, diplomas or other documents as required by law, including those establishing his/her right to work in the U.S. Pre‑employment processing will also include a background check. (Does not apply to current full‑time District employees unless specific job requires additional evaluations).

External applicants may only apply online, t.gov/jobs. Applicants needing assistance with the online application process may receive additional information by calling .

Current employees must apply online t.gov/jobs.

All applicants are asked to complete the application in full, indicating dates of employment, all positions held, hours worked, and a full description of duties. Online applicants are invited to electronically attach a resume to the application form to provide supplemental information but should not consider the resume a substitute for the application form itself. Applications must be complete by the closing date and time listed on the job announcement.