Job Description
About New York City Cyber Command
NYC Cyber Command was created in 2017 by Executive Order to lead the City’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond to, and recover from cyber threats. NYC Cyber Command is committed to protecting NYC infrastructure and critical systems from malicious attacks through the use of the latest technologies, public-private partnerships, and regular training and exercises for City employees.
About the Position
The Computer Emergency Response Team (CERT) Specialist will conduct malware analysis, campaign assessment, intelligence collection and analysis, and network- and host-based forensics. Primary responsibilities include proactive security event and incident detection, reviewing and analyzing security events from various monitoring and logging sources, website and web application security assessment and penetration testing, packet analysis and Intrusion Detection System / Intrusion Prevention System technology and handling in an operational environment.
Responsibilities include:
• Provide tactical level intelligence analysis of Cyber threats and actors in support of Cyber defense and network operations;
• Perform forensics, network vulnerability and malware analysis to conduct Cyber threats and security events;
• Deliver recommendations and actions to improve the detection, escalation, containment and resolution of incidents;
• Enhance existing incident response methods, tools and processes;
• Perform real-time incident handling, including forensics collections and intrusion correlations and tracking;
• Collect, assess, and catalog threat indicators;
• Maintain knowledge of the current security threat level by monitoring related Internet postings, intelligence reports, and related sources;
• Perform malware analysis and reverse engineering;
• Participate in on-call rotation;
• Perform special projects and initiatives as assigned.
Minimum Qualification Requirements
1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or
2. Education and/or experience which is equivalent to "1" above.
Preferred Skills
The preferred candidate should possess the following:
• Experience performing security event and incident detection and handling in an operational environment such as SOC, CSIRT, CERT, etc.;
• Experience reviewing and analyzing Security Events from various monitoring and logging sources;
• Knowledge of, and experience with, packet analysis and IDS/IPS technology;
• Experience in website and web application security assessment or penetration testing;
• Previous experience working as a part of an IT Security team;
• Formal education or a strong background in Computer Science, computer engineering or similar experience;
• Incident response experience;
• An active knowledge of current trends in computer security, software/hardware vulnerabilities;
• Active interest in current security research;
• Ability to work as part of a CERT Team which may require rotational weekday/weekend on-call coverage;
• Strong sense of teamwork, an inquisitive mind and the desire to share knowledge;
• Ability to understand and implement technical vulnerability corrections;
• Experience conducting malware analysis;
• Experience with automation, scripting (Python, Perl, Ruby, etc.);
• Understanding of Intrusion analysis;
• Knowledge of multiple operating systems (Windows, Linux, OSX);
• Security product assessments;
• Security tools development;
• Host and Network Forensics;
• Certifications: GCIA, GCIH, GCFA, GISF, GNFA, GREM
To Apply
* Interested applicants with similar civil service titles who meet the preferred requirements should also submit a resume for consideration
For City employees, please go to Employee Self Service (ESS), click on Recruiting Activities > Careers, and search for Job ID #394247
For all other applicants, please go to www.nyc.gov/jobs/search and search for Job ID #394247
SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW
APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL
New York City Cyber Command and the City of New York are equal opportunity employers.
NYC3 participates in E-Verify
Hours/Shift
Day - Due to the necessary technical support duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings.
Work Location
New York, NY
Residency Requirement
City Residency is not required for this position