The Transportation Security Administration (TSA) and the Department of Homeland Security are working to increase the cybersecurity resilience of U.S. critical infrastructure, following extensive collaboration with aviation partners. Their amendment to the aviation security programs extends similar performance-based requirements that currently apply to the airport’s transportation system critical infrastructure. The new emergency amendment requires that impacted TSA-regulated entities develop an approved implementation plan that describes the measures they are taking to improve their cybersecurity resilience and prevent disruption and degradation to their infrastructure. Cyber threats and attacks, and their scenarios, are complex. Mitigating the risks is very challenging because bad actors are consistently finding new ways to update their hacking mechanisms. The airport has a strong Cybersecurity Team and is looking to add a Cloud Cybersecurity Architect who is up to date in the cybersecurity field.
- Threat Hunting and Threat Intelligence
- Digital Forensics
- Solving Tabletop Exercises – defending against cyber-attacks, security breaches, ransomware, phishing scams.
- Endpoint Detection and Response (EDR) solution(s) - Endpoint security and alert policies.
- Security information and event management (SIEM) tools.
- Security Incident Response handling.
- Mailbox-related incident response.
- MSSP, CMDB, and M365 incident tickets and alerts.
- Cloud Security in compliance with Azure policies.
- Vulnerability scanning for most recent updates. Application and network scans for vulnerabilities.
- Penetration testing.
- Web application, vulnerability, and port scans.
- Load balancer and Firewall rules - Intune MDM.
- Mitigate Cybersecurity risks in a timely manner.