About New York City Cyber Command
Mission. NYC Cyber Command leads the City’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond to, and recover from cyber threats. NYC3 protects NYC infrastructure and critical systems from malicious attacks and safeguards the data, devices, and services of the City.
Culture. Foremost, we serve the people of the City of New York, so earning - and keeping - their trust is paramount. To deserve that trust, we relentlessly focus on facts, provide sound judgment, and maintain a healthy culture. We pride ourselves on having a respectful and inclusive workplace built on kindness, honest intellectual debate, and excellent work.
Job Description
Cyber Intel Analysts within NYC Cyber Command perform many critical functions within the Threat Management discipline. Chief among these functions is providing the key verticals of the Threat Management team with direct support to operations by consuming and analyzing tactical and technical intel, as well as coordinating between operators and the CTI lead. Some of the Cyber Intel Analysts’ tasks are described below:
● Provide intel support to primary operators, and also directly assist or execute investigative efforts or tasks
● Direct or assist hunt missions to augment detection capabilities to identify threats across the NYC3 operating environment
● Responsible for the collection, processing, analysis, and dissemination of tactical intelligence (IOCs) and products (finished reports) throughout NYC3 and partner organizations
● Develop, maintain, and execute threat and risk communication processes that advise NYC3 network defenders
● Responsible for pushing indicators to security defenses from NYC3’s Threat Intelligence Platform (TIP) and coordinating activity with defensive operators
● Perform network, system, and kill chain analysis on how malware was introduced and propagated
● Conduct research for tracking certain code families, campaigns, or actors through technical analysis of data, malicious codes, and infrastructure
● Employ predictive analytic methods to determine changes in adversaries’ capabilities, motivations, and intent, while providing recommendations to reduce risk before exposure to threats occurs
● Provide direct analytic support to the Security Operations Center, including Incident Response and Risk Analysts, to add context to active investigations and threats using intelligence
● Create and present custom threat briefing materials for NYC3 Operational teams to provide tactical situational awareness
Preferred Skills
● Excellent verbal and oral communication skills are required
● Experience working in a security environment and/or supporting security teams from a technical standpoint
● In-depth knowledge of the current cyber threat landscape, with a specific focus on the technical aspects of adversarial Tactics, Techniques and Procedures (TTPs) and their relation to the cyber kill chain and other analytical models
● Fundamental analytic tradecraft skill sets, with extensive experience in the extraction and analysis of tactical intelligence from investigations
● Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation)
● Strong understanding of vulnerability and exploitation concepts, or experience in penetration testing
● Expertise in host and network-based forensics, or Incident Response best practices
● Strong understanding of dynamic/behavioral malware analysis methods and technology
● Experience in host and network-based defense, or monitoring and detection best practices
Qualification Requirements
1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
2. Education and/or experience which is equivalent to "1" above.