We invite individuals who are enthusiastic about the aviation industry and dedicated to providing a world-class experience to apply. Join us and be part of a dynamic team that values collaboration, supports each other's development, and embraces diverse ideas and perspectives.
Serving as Michigan's second busiest airport and recognized as the best small airport in the country by USA Today, Gerald R. Ford International Airport stands as a testament to West Michigan's vibrant growth. The airport serves over four million passengers annually, with eight commercial airline partners offering nonstop flights to over 35 destinations. As a vital economic engine in the region, it supports more than 40,000 jobs and contributes over $7 billion to the economy each year.
Gerald R. Ford International Airport has received multiple awards from Airports Council International World's 2023 Airport Service Quality (ASQ) Awards, including Best airport 2 to 5 million passengers in North America; Airport with the Most Dedicated Staff in North America; Easiest Airport Journey in North America; Most Enjoyable Airport in North America; and Cleanest Airport in North America. Managed and operated by the Gerald R. Ford International Airport Authority, the airport is committed to creating an exceptional travel experience for our passengers while fostering growth and prosperity for all of West Michigan. Our team is dedicated, passionate, and focused on innovation, making it a great place to build a rewarding career.
JOB SUMMARY:
Leads and participates in the implementation, administration, and continuous improvement of the Airport’s cybersecurity environment. This role is responsible for securing the organization’s enterprise infrastructure, cloud platforms (Azure & AWS), network environments, and integrated systems, ensuring protection of critical airport operations and data. This is a hands-on engineering role requiring both security architecture, understanding and deep technical implementation capability, with a focus on identity, access control, monitoring, and incident response. Plays a critical role in ensuring the Airport’s environment is secure, resilient, compliant, and aligned with regulatory requirements.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Designs, implements, and maintains security controls across cloud environments (Azure & AWS), network and infrastructure systems, and identity and access management platforms.
- Configures and manages identity systems (Entra ID/Azure AD), conditional access and MFA, and endpoint protection and security tools.
- Implements zero trust principles across the environment.
- Designs and enforces Role-Based Access Control (RBAC).
- Implements identity governance and lifecycle management.
- Secures privileged access and administrative accounts.
- Ensures consistent access policies across systems and environments.
- Implements and manages security monitoring solutions (SIEM, logging, alerting)
- Investigates and responds to security incidents.
- Develops and maintains incident response procedures.
- Improves detection capabilities across all systems.
- Secures Azure environments (compute, storage, networking, identity)
- Implements cloud-native security controls and monitoring.
- Ensures alignment with Azure security best practices and frameworks.
- Supports secure cloud architecture in collaboration with infrastructure teams.
- Works closely with network and infrastructure teams to enforce segmentation, secure connectivity, and firewall policies.
- Ensures protection of IT and operational technology environments.
- Ensures alignment with regulatory requirements (TSA, FAA, NIST).
- Supports audits, assessments, and remediation activities.
- Identifies and mitigates security risks across systems.
- Maintains documentation of controls and security posture.
- Develops, implements, and maintains security standards and best practices.
- Serves as a senior technical resource for cybersecurity engineering and operations.
- Collaborates with cross-functional teams (network, infrastructure, applications).
- Evaluates, recommends, and supports implementation of security tools and vendor solutions.
- Performs other related duties as assigned.
REQUIRED KNOWLEDGE AND SKILLS:
- Identity and Access – Working knowledge of Azure Active Directory, RBAC, Conditional Access, MFA, Privileged identity management, and Identity governance.
- Security Engineering – Working knowledge of endpoint protection and EDR tools, SIEM and logging platforms (Microsoft Sentinel or similar), threat detection and response, and vulnerability management.
- Cloud Security – Working knowledge of Azure security services and controls, secure cloud architecture principles, and monitoring and logging in cloud environments.
- Network Security – Working knowledge of firewalls and segmentation concepts, VPN and secure connectivity, and Zero Trust architecture.
- Security Frameworks – Working knowledge of NIST Cybersecurity Framework, Zero Trust principles, and general regulatory and compliance awareness.
- Strong hands-on security engineering capability.
- Ability to design and implement secure systems.
- Deep understanding of identity, access and threat detection.
- Strong analytical and problem-solving skills.
- Ability to operate independently and lead technical security initiatives.
- Strong communication skills, both technical and executive.
QUALIFICATIONS AND REQUIREMENTS:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. Master’s degree is preferred.
- Seven to ten years of progressive experience in cybersecurity, information security, or cybersecurity engineering.
- Proven experience implementing security controls in enterprise environments.
- Experience securing cloud environments, Azure is preferred.
- Experience in mission-critical or regulated environments including aviation, transportation, government, or healthcare is preferred.
NOTES:
- Candidate must be able to pass required FBI fingerprint-based criminal history record check.
CONTACTS:
This position has frequent contact with:
- Airport Authority staff and airport tenants.
- Interaction with vendors and external partners.
LICENSES AND CERTIFICATIONS:
- Microsoft Certified: Azure Security Engineer Associate preferred.
- AWS Certified Security – Specialty preferred.
- CISSP, CISM, or GIAC certification preferred.
- Certified Ethical Hacker (CEH) or equivalent technical certification preferred.
PHYSICAL REQUIREMENTS:
- Ability to occasionally lift and move equipment up to 25 pounds.
- Ability to work in data centers, telecommunications rooms, and airport operational areas.
- Ability to remain stationary for extended periods while working at a computer.
WORK ENVIRONMENT:
- Critical infrastructure environment supporting airport operations.
- Participation in incident response and on-call escalation support.
- Collaboration across IT domains (network, infrastructure, applications).
- May be required to work evenings, weekends, or holidays during security incidents, maintenance activities, or operational emergencies.
SUPERVISORY RESPONSIBILITY:
- May provide technical guidance, project leadership, and work coordination for cybersecurity initiatives. Direct supervisory responsibilities may be assigned as organizational needs evolve.