About New York City Cyber Command
NYC Cyber Command was created in 2017 by Executive Order to lead the City’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats. NYC Cyber Command is committed to protecting NYC infrastructure and critical systems from malicious attacks through the use of the latest technologies, public-private partnerships, and regular training and exercises for City employees.
Job Description
The mission of NYC3 is to Prevent, Detect, Respond and Recover from cyber threats against the data and infrastructure of the City of New York, in collaboration with public and private sector partners. More specifically, this position is for the Threat Management tower within NYC3. As a CERT Analyst you will work closely with the CERT, Security Operations (SOC) and Intelligence teams on triaging, responding to, remediating and recovering from high severity incidents involving over 140 agencies of the City of New York. Your responsibilities will include:
- Build detection rules with the log management solution to alert on anomalous behavior indicative of a malicious threat actor.
- Deliver recommendations and actions to improve the detection, escalation, containment and resolution of incidents.
- Maintain knowledge of the current security threats and actors and their relevance to the City by monitoring reports and intel sources.
- Build metrics utilizing a data security approach to gain insight into attacks and responses to incidents within the City of New York.
- Assist in root cause analysis of high severity incidents.
- Work with the NYC3 Data Sciences team to ensure the accuracy of the alerts generated by their machine learning algorithms in relation to the threats observed and correlation.
Minimum Qualification Requirements
- Bachelor's degree from an accredited college OR
- Enrolled in a Bachelor's degree program (with an anticipated graduation date no later than May 2020).
Preferred Skills
- Currently enrolled in a Master’s program for with extensive education and/or some professional experience with cyber security topics and functions.
- An active knowledge of current trends in computer security and software/hardware vulnerabilities.
- A general knowledge of security fundamentals and an inquiring mind.
- An active interest in current security research.
- Knowledge of network analysis, host analysis and IDS/IPS technology.