SIGNUP

Job Opportunities

Find jobs near you, whether onsite, hybrid, or remote.
  • Similar Jobs to: Sr. Cyber Security Analyst
XX
Cyber Security AnalystCity of New YorkNew York, New York, United States
Apply Now
XX

Cyber Security Analyst

City of New York
  • US
    New York, New York, United States
  • US
    New York, New York, United States
Apply Now

About

The NYC Department of Consumer and Worker Protection (DCWP) protects and enhances the daily economic lives of New Yorkers by licensing businesses, enforcing consumer protection and workplace laws, and providing resources and outreach. DCWP works with its Office of Financial Empowerment and Labor Policy & Standards to empower consumers and working families. DCWP also conducts research and advocates for public policy that fosters stronger, more sustainable communities. DCWP is seeking to hire a Cyber Security Analyst Level II to join its IT Services Division.
The Cyber Security Analyst defends against cybersecurity incidents and identifies, analyzes, communicates and contains incidents as they occur. The role requires excellent communication skills, creativity, a strong technical background, and familiarity with both traditional and emerging security technologies and practices. Activities include day‑to‑day operations as well as new and existing cybersecurity projects.
Major Responsibilities
Under supervision, with latitude for independent initiative and decision making, assist DoTSS in liaising with the NYC Office of Technology and Innovation (OTI) by ensuring any security threats are mitigated by DCWP in a timely manner.
With an effort to remain proactive and stay ahead of issues, respond to alerts and events that could threaten the Agency’s information technology security posture.
Characterize and analyze network traffic and server/cloud performance metrics to identify anomalous activity and potential threats.
Complete appropriate patching on various systems, including workstations, servers and network equipment such as switches, voice gateways and routers.
Analyze identified malicious activity to determine means, method, and details of exploitations against agency systems and applications.
Evaluate commercial software in conjunction with OTI for safe use by NYC DCWP.
Guide ITOPS in reimage/restore devices and equipment to previous known good states after an incident.
Validate, analyze, investigate and mitigate reported trouble tickets or incidents from OTI.
Follow up to ensure DCWP staff are taking and following Cyber Security Training.
Ensure new software (COTS, on‑prem, cloud‑based CRM) is being developed following citywide security standards and protocols that pass through SDLC and security accreditation from OTI.
Follow up on incident reports and app scan reports to ensure that proper mitigation is taking place in a timely manner.
Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host‑based security systems; review and adjust ACL as needed based on source/destination/port by requirement.
Conduct log‑based and endpoint‑based threat detection to detect and protect against threats coming from multiple sources.
Correlate activity across assets (endpoint, network, apps) and environments (on‑premises, cloud) to identify patterns of anomalous or suspicious activity.
Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
Research emerging threats and vulnerabilities to aid in the identification of incidents.
Provide users with incident response support, including mitigating actions to contain activity and facilitating forensic analysis when necessary.
Perform security standards testing against computers or IT equipment before implementation to ensure security standards are met.
Coordinate with OTI and ITOPS on providing IT inventory, performing DCWP security audits and coordinating Comptroller and Criminal Justice Information Security (CJIS) directive audits.
Minimum Qualifications
A baccalaureate degree from an accredited college including or supplemented by 24 semester credits in computer science or a related computer field and one year of satisfactory full‑time computer software experience in computer systems development and analysis, applications programming, database administration, maintenance and support, systems programming, data communications, mainframe development, mobile development, web development and design; or
A four‑year high school diploma or its educational equivalent and five years of satisfactory full‑time computer software experience as described above; or
Education and/or experience equivalent to the above. College education may be substituted for up to two years of the required experience on the basis that 60 semester credits from an accredited college is equated to one year of experience. In addition, 24 semester credits from an accredited college or graduate school in computer science or a related field, or a certificate of at least hours in computer programming from an accredited technical school (post‑high school), may be substituted for one year of experience. All candidates must have at least a four‑year high school diploma or its educational equivalent and at least one year of satisfactory full‑time experience as described above.
Preferred Skills
Experience in IT audit, enterprise risk management, penetration tester, red team/incident responder or as a junior security operations analyst.
Experience with regulatory compliance and information security management frameworks such as ISO 27001/27002, COBIT, NIST 800‑53 or related frameworks.
Strong decision‑making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
An ability to effectively influence others to modify their opinions, plans or behaviors.
An understanding of organizational mission, values, goals and consistent application of this knowledge.
Strong problem‑solving and troubleshooting skills.
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).
Understanding of privilege access management for servers (preferred knowledge of Delinea/Centrify).
Familiarity with CISA Binding Operational Directives.
Familiarity with Trellix/McAfee/CrowdStrike/Rapid7 and Azure.
55a Program This position is also open to qualified persons with a disability who are eligible for the 55‑a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55‑a Program.
Public Service Loan Forgiveness As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website.
Residency Requirement New York City residency is not required for this position.
#J-18808-Ljbffr
  • New York, New York, United States

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.

10'000+ Job Opportunities: Find Jobs Near You, Onsite, Hybrid, or Remote