About New York City Cyber Command
Mission. NYC Cyber Command leads the City’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats. NYC3 protects NYC infrastructure and critical systems from malicious attacks and safeguards the data, devices, and services of the City.
Culture. Foremost, we serve the people of the City of New York, so earning - and keeping - their trust is paramount. To deserve that trust, we relentlessly focus on facts, provide sound judgment, and maintain a healthy culture. We pride ourselves on having a respectful and inclusive workplace built on kindness, honest intellectual debate, and excellent work.
Job Description
The Urban Technology division of New York City Cyber Command (NYC3) provides security services that enable City agencies to fully leverage the future of smart city technologies in a secure way. As part of the Urban Technology team and the head of this unit, the Critical Infrastructure Lead is the ideal blend between a senior executive and a technician, able to serve as a subject matter expert and direct a team of personnel to ensure that the city provides a secure operational platform our residents, employees and visitors. The Critical Infrastructure Lead will provide advice and technical expertise to NYC3, as well as city and agency leadership on the security of connected infrastructure, operational technology, industrial control systems (ICS), and supervisory control and data acquisition (SCADA), autonomous vehicles, connected vehicle data (V2X), smartphones, cloud, analytics and more.
Responsibilities will include:
· Develop secure Urban Technology architecture blueprints that can be leveraged by Agencies;
· Review and create Urban Technology designs, solutions and proposals;
· Perform market research on urban technology security vendors;
· Conduct vulnerability research against smart devices;
· Collaborate with City Agencies and the Office of the CTO on security aspects of smart city initiatives, identifying potential risks and developing solutions to mitigate those risks;
· Work with organizations to secure potential vulnerabilities on connected devices;
· Maintain situational awareness of the current cyber threat landscape, with a focus on potential impacts to New York City.
Projects will be undertaken in small teams with close coordination with the Department of Information Technology and Telecommunications, other Agencies and the CTO’s office. We are looking for a talented, motivated individual who enjoys working in creative, stimulating environments to advise City Agencies on the secure deployment of technologies that solve the City’s problems and advance the state of the art in cybersecurity for a vast array of problems in Urban Technology.
The position’s responsibilities include commitment to and compliance with the City’s EEO policy.
Minimum Qualification Requirements
1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position;
or
2. Education and/or experience which is equivalent to “1” above.
Preferred Skills
The preferred candidate should possess the following:
· At least 10 years of experience and 18 months supervisory experience in Cybersecurity, including risk management, vulnerability assessments, penetration testing, security assessments, strategy and program development, network architecture designs, or monitoring solutions. A bachelors can substitute for 2 years of experience, but 18 months supervision is mandatory;
· 2+ years of experience, BS or MS in Computer Engineering or Electrical Engineering Reverse Engineering; Vulnerability Research; Wireless and Network Communications; Malware; Mobile/Embedded Development; RTOS Kernel development; Constraint Solving; Exploit mitigation techniques;
· Experience with industrial control regulations, including IEC 62443, NIST SP 800-82, NERC CIP, or NEI 08-09 or other industrial control regulations
· Experience with Cybersecurity standards and best practices and how to integrate them
· Experience with evaluating security vulnerabilities, developing mitigation strategies, and implementing remediation
· Experience with analyzing vulnerability and security risk assessment tool results, including DoD SCAP or Nessus
· Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures
· Strong organizational skills; will require tracking of outstanding issues and multiple projects.
· Ability to work as part of a team, as well as independently
· Ability to drive projects to full completion
· Exceptional written and oral communication skills.
· Highly motivated self-starter demonstrating integrity, initiative and innovation qualities.
· Strong organizational skills; will require tracking of outstanding issues and multiple projects;
· Exemplary Communications, both oral and written;
· Willingness to travel in the five boroughs of NYC;
· Ability to train and lead staff;
· Excellent research and analytical skills;
· Excellent oral and written communication skills.