What is Hackers' Pub?

Deadly Dust: Explosions at Didion Milling

A CSB safety video on its investigation into the fatal combustible dust explosions and fires at the Didion Milling facility in Cambria, Wisconsin, that occur...

www.youtube.com · YouTube

Information Security Officer

Salary: Position Range: $92,589.00 - $128,166.00 Hiring Range: $104,449.000 - $122,236.000 Most applicants’ offers will fall within this hiring range based on qualifications, experience, and alignment with the role’s needs. FLSA Status: Exempt Join the team that keeps the Tri-Cities moving! OUR MISSION AND VALUES Ben Franklin Transit (BFT) provides exceptional and cost-effective transportation services that consistently exceed customer expectations while promoting the principles and practices of livable communities and sustainable development. We value customer service, collaboration, diversity, fiscal accountability, innovation, sustainability, and safety. Employees and representatives of BFT are expected to uphold our values and mission. NATURE OF POSITION The Information Security Officer (ISO) is responsible for leading the agency’s cybersecurity governance and risk management program. The ISO develops and maintains cybersecurity policies and standards, designs and delivers security awareness and role-based training, establishes security recordkeeping and evidence practices (including retention coordination), and drives incident readiness and continuous improvement. This role partners with IT, operations, maintenance, safety/security, records management, HR, and vendors to ensure cybersecurity controls are practical, auditable, and aligned with transit operational needs. ESSENTIAL DUTIES AND RESPONSIBILITIES Own and maintain the agency cybersecurity program charter, roadmap, and key performance indicators. Maintain a cybersecurity risk register; facilitate risk acceptance decisions with leadership and system owners. Chair or coordinate a cross-functional cybersecurity steering group (IT, operations, maintenance, safety/security, records, HR, procurement). Ensure cybersecurity requirements are integrated into projects, change management, and system lifecycle activities. Develop and maintain cybersecurity policies, standards, and procedures with a defined review cadence and exception process. Establish minimum security standards for identity, access, endpoints, logging, backups, remote access, and vendor connectivity. Produce and maintain plain-language guidance that staff can follow (one-page standards, job aids, checklists). Design and manage annual security awareness training and new-hire cybersecurity onboarding. Deliver role-based training for high-risk roles (e.g., finance, HR, dispatch supervisors, IT administrators, maintenance leads). Coordinate phishing simulations and targeted coaching/remediation (where used). Measure training effectiveness and report completion and risk trends to leadership. Partner with the Records Officer to align cybersecurity records (policies, acknowledgements, training records, incidents, and logs) with applicable Washington State retention requirements and agency records policies. Define and maintain a security evidence framework: what records are required, where they live, and how they are produced for audits/public records requests. Support legal holds and preservation requirements related to incidents, investigations, and litigation. Leverage security and compliance capabilities available in the agency’s Microsoft 365 Government G5 environment (e.g., Microsoft Defender, Microsoft Entra ID, and Microsoft Purview) to improve prevention, detection, and data governance. Coordinate configuration standards and monitoring for email and collaboration security, identity protection (MFA/conditional access), data protection (sensitivity labels/DLP), and retention/eDiscovery/audit capabilities as licensed. Develop operational runbooks and reporting dashboards so controls remain effective and measurable over time. Maintain and test the Cybersecurity Incident Response Plan, including playbooks for ransomware, business email compromise, and vendor compromise. Coordinate tabletop exercises with IT and operational stakeholders; track corrective actions through closure. Serve as a lead technical/program liaison during cybersecurity incidents (internal coordination and vendor coordination). Establish cybersecurity requirements for vendors and contracts (secure remote access, MFA, incident notification, logging, and data handling). Perform risk reviews for critical vendors and systems; validate that compensating controls are documented when needed. Coordinate vendor access lifecycle management (onboarding, periodic review, termination). Other duties as assigned. KNOWLEDGE, SKILLS & ABILITIES Knowledge of modern threat landscape (phishing, ransomware, credential theft, supply-chain compromise) and practical mitigations. Ability to develop clear policies, standards, and training content and to maintain document and evidence control. Ability to assess risk, prioritize work, and communicate risk to non-technical stakeholders. Understanding of identity and access management, endpoint protection, vulnerability management, logging, backups, and incident response. Ability to work effectively with operations and maintenance staff to design controls that do not disrupt service delivery. Strong written and verbal communication skills, including the ability to facilitate cross-functional discussions and influence outcomes without formal authority. MINIMUM QUALIFICATIONS Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field; or an equivalent combination of education and experience. Five (5) years of progressively responsible experience in cybersecurity, information security, IT risk management, or a related field. PREFERED QUALIFICATIONS Security certifications such as CISSP, CISM, CRISC, Security+, GIAC, or equivalent Experience in public sector, critical infrastructure, transportation, or a 24/7 operational environment. Working knowledge of NIST Cybersecurity Framework (CSF), NIST SP 800-53/800-171 concepts, or comparable control frameworks; ability to map controls to agency policy and evidence. Experience with Microsoft Defender, Microsoft Purview, Microsoft Entra ID (identity governance/conditional access), and security reporting/monitoring practices. Experience partnering with records management on retention, eDiscovery, and public records response readiness. PHYSICAL REQUIREMENTS Generally sedentary in nature; occasionally stand and walk; intermittently kneel, stoop, bend and twist at the waist, and reach overhead; sit for long periods of time. Rarely kneel, crouch, or crawl. Occasionally lift, push/pull, or carry up to 40 pounds. Good vision to read print and computer screen. Hear and speak to communicate in person, before groups, and over the telephone. Manual dexterity of hands and fingers to include repetitive keyboarding, grasping and reaching to operate a computer keyboard, mouse and/or standard office equipment. WORKING CONDITIONS Work is primarily performed in an office environment where noise, distractions, and lack of privacy may be present. Position participates in after-hours incident response as needed and may be on-call during cybersecurity events. Operate a motor vehicle. Remote option dependent on location. If you want to give back to the community, consider hopping onboard the team that's going places! Equal Employment Opportunity (EEO) Policy Ben Franklin Transit (BFT) is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. It is BFT’s policy to employ, train, promote, compensate, and provide conditions of employment without regard to a person’s race, color, sex, disability, religion, national origin, age, veteran’s status, citizenship, or any other status protected by applicable law. Drug-Free Workplace Policy Ben Franklin Transit (BFT) is a drug-free workplace. The purpose of this policy is to ensure worker fitness for duty and to protect our employees, passengers, and the public from the risks posed by the use of alcohol and prohibited drugs. Participation in BFT’s zero tolerance drug-free workplace policy is a condition of employment. Ben Franklin Transit (BFT) provides exceptional and cost-effective transportation services that consistently exceed customer expectations while promoting the principles and practices of livable communities and sustainable development. We value customer service, collaboration, diversity, fiscal accountability, innovation, sustainability and safety. Employees and representatives of BFT are expected to uphold our values and mission. We offer a competitive salary and comprehensive benefits package including medical, dental, vision, long term disability, and life insurance. For more information please click here and scroll down to the benefits section.

bft.wd501.myworkdayjobs.com

Dark Blue Weekly published

darkblueraven.com

More Than 800 Google Workers Urge Company to Cancel Any Contracts With ICE and CBP

The campaign is among the largest anti-ICE protests by workers at a single company since federal agents shot and killed two people in Minneapolis last month.

www.wired.com · WIRED

More Than 800 Google Workers Urge Company to Cancel Any Contracts With ICE and CBP

The campaign is among the largest anti-ICE protests by workers at a single company since federal agents shot and killed two people in Minneapolis last month.

www.wired.com · WIRED

総選挙最終盤！たむともストリート対話 in名古屋

「2/8の投開票日まで頑張りぬきたい、最後まで対話をしたい」と田村智子。たむともストリート対話の第4弾を、名古屋で行いました！「高市さんの笑顔が素敵」「選挙興味ない」「移民をなんとかして」「高市さん遅くまでがんばってる」そんな声に、たむともの答えは？◆チャンネル登録https://www.youtube.com/...

www.youtube.com · YouTube