Salary Not Disclosed
1 Vacancy
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Watch our welcome video to see our work in action, follow us on social media @NYCOfficeofTech, and visit oti.nyc to learn more.
At OTI, we offer great benefits and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.
About Cyber Command
OTI's Office of Cyber Command is committed to protecting City systems that provide vital services to New Yorkers from cyber threats and helping residents become safer in their digital lives. As the organization defending the largest municipality in the country, Cyber Command is charged with directing citywide incident response, setting citywide cybersecurity policies and standards, and working with city agencies to strengthen their cyber defenses.
Job Description
Threat Analysts within Cyber Command play several vital roles within the Threat Management discipline, one of which involves ensuring continuous coverage within the 24/7 Security Operations Center. Consequently, Threat Analysts must possess the capability and readiness to work night and weekend shifts.
Responsibilities will include:
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources;
Coordinate with citywide cyber defense teams to validate network, endpoint, and identity alerts;
Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level;
Document and escalate incidents (including events, history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment;
Perform cyber defense trend analysis and reporting;
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack;
Perform security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion in the risk mitigation strategy;
Plan and recommend modifications or adjustments based on exercise results or system environment;
Provide daily summary reports of network events and activity relevant to cyber defense practices;
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts;
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities;
Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity;
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information;
Determine tactics, techniques, and procedures (TTPs) for intrusion sets;
Examine network topologies to understand data flows through the network;
Recommend computing environment vulnerability corrections;
Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings);
Work with stakeholders to resolve computer security incidents and vulnerability compliance;
Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
CYBER SECURITY ANALYST 13633
Qualifications:
1. A baccalaureate degree from an accredited college, including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical, or related area; or
2. A four-year high school diploma or its equivalent approved by a State's department of education or a recognized accrediting organization, and three years of satisfactory experience in any of the areas described in "1" above; or
3. Education and/or experience equivalent to "1" or "2" above. College education may be substituted for up to two years of the required experience in "2" above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical, or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school) may be substituted for one year of experience.
Additional Information:
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Remote Work:
No
Employment Type:
Full-time