Cyber Security Analyst

at City of New York
Published February 12, 2024
Location New York, NY
Job Type Full-time  

Description

Job Description

The Bureau of Information Systems provides a full range of technology support services for key business functions and Charter-mandated responsibilities of the Comptroller's Office. These services include technology strategic planning, web site development, graphic design, disaster recovery, systems development, network administration, audio/visual services, business process re-engineering, change management, program management, security administration, Service Desk, computer operations, telecommunications, and document management. As part of security administration, Advanced Threat Protection (ATP) technology is used for detecting and preventing situations where sensitive information is exposed outside the organization's network.

Under the direction of the Manager of Network Operations, the Cyber Security Analyst will assist with implementing cybersecurity policies, standards, directives, and guidelines that draw heavily from citywide cyber policies implemented by the City of New York for all agencies. Tasks include, but are not limited to, the following:

- Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis and direct system remediation).

- Conduct threat analysis and assessments on networks/systems; monitor, maintain, update and secure the client's infrastructure.

- Establish, maintain, and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis and reporting.

- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.

- Execute cyber defense incident triage to include determination of scope, urgency, and potential impact; identifying the specific vulnerability and making recommendations that enable expeditious remediation.

- Perform initial forensic investigation; accurately document incidents from beginning to end, including evidence handling.

- Participate in the incident response activities to minimize the impact. Act as a technical and forensic investigation liaison between the agency, OTI, and Cyber Command.

- Respond to and resolve basic operational technical Incidents and Requests.

- Perform other related duties and functions as required.

MINIMUM QUALIFICATION REQUIREMENTS

A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area and two (2) or more years of satisfactory experience in any of the areas described above.

PREFERRED SKILLS IN ADDITION TO MINIMUM QUALIFICATIONS

- 2 years or more experience working in a complex enterprise environment;

- Strong understanding of vulnerability and exploitation concepts;

- Previous experience in firewalls, IDS/IPS, SIEM, cybersecurity tools;

- Previous experience performing threat hunting and incident response using SIEM tools, cybersecurity management tools;

- Knowledge of Malware Analysis, Reverse Engineering and Host-based and Memory Forensics tools and techniques;

- Deep understanding of computer intrusion activities, incident response techniques, tools and procedures;

- Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP);

- Knowledge of operating systems including Mac and Windows;

- Familiarity with programming languages such as Python, Perl, C/C++, PowerShell, etc.;

- Experience with security assessment and vulnerability tools such as Qualys, NMAP, Security Onion suite, Nessus, and Metasploit.

TO APPLY, GO TO: Employment Opportunities at www.comptroller.nyc.gov

Note: We appreciate every applicant's interest; however, only those under consideration will be contacted. Certain residency requirements may apply. Vacancy notices listed as "Until Filled" will be posted for at least five workdays.

Qualifications

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State's department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in 1 above; or

3. Education and/or experience equivalent to 1 or 2, above. College education may be substituted for up to two years of the required experience in 2 above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.