Logo
City of New York

City of New York is hiring: Cyber Security Analyst in New York

City of New York, New York, NY, United States


Company Description

Job Description

THIS POSITION MAY BE ELIGIBLE FOR REMOTE WORK FOR UP TO 2 DAYS PER WEEK, PURSUANT TO THE REMOTE WORK PILOT PROGRAM.

The NYC Department of Consumer and Worker Protection (DCWP) protects and enhances the daily economic lives of New Yorkers to create thriving communities. DCWP licenses more than 45,000 businesses in more than 40 industries and enforces key consumer protection, licensing, and workplace laws that apply to countless more. By supporting businesses through equitable enforcement and access to resources and, by helping to resolve complaints, DCWP protects the marketplace from predatory practices and strives to create a culture of compliance. Through its community outreach and the work of its offices of Financial Empowerment and Labor Policy & Standards, DCWP empowers consumers and working families by providing the tools and resources they need to be educated consumers and to achieve financial health and work-life balance. DCWP also conducts research and advocates for public policy that furthers its work to support New York City's communities. For more information about DCWP and its work, call 311 or visit DCWP at nyc.gov/dcwp or on its social media sites, Twitter, Facebook, Instagram and YouTube.

In 2016, following DCWP's successful implementation of the City's Paid Sick Leave Law, DCWP's mandate expanded yet again to add the Office of Labor Policy & Standards (OLPS), which is NYC's central resource for workers and a dedicated voice for workers in City government. OLPS is the largest municipal labor standards office in the country and is charged with conducting original data collection and research, policy development, education and outreach on key workplace issues, and advocating for and enforcing a new generation workplace protections. DCWP now stands at the nexus of consumers, businesses, and working families in New York City and is pioneering how city government can protect and enhance the lives of all of players in the marketplace, including consumers, business and workers, and how that work ultimately fosters stronger, more sustainable, and thriving communities. Through its Office of Financial Empowerment, DCWP assists low-income and immigrant New Yorkers to build assets and make the most of their financial resources by providing free financial counseling at Financial Empowerment Centers across the City, access to mainstream banking, and encouraging Earned Income Tax Credit utilization. DCWP is seeking to hire a Cyber Security Analyst Level II to join its IT Services Division. Under the direction of the Executive Director Infrastructure, the Cyber Security Analyst Level II will assist with implementing cybersecurity polices, standards, directives, and guidelines that draws heavily from citywide cyber policies implemented by the City of New York for all agencies.
The Cyber Security Analyst defends against cybersecurity incidents and identifies, analyzes, communicates and contains incidents as they occur. This cybersecurity role requires excellent communication skills, creativity, strong technical background, and familiarity with tradition and emerging security technologies and practices. The activities of this role will be split between day-to-day operations and working on new and existing cybersecurity related projects.

Major Responsibilities:

- Under supervision, with latitude for independent initiative and decision making, assist DoTSS in liaising with the NYC Office of Technology and Innovation (OTI) by ensuring any security threats are mitigated by DCWP in a timely manner.
- With an effort to remain proactive and stay ahead of the issues, respond to alerts and events that could threaten the Agency's information technology security posture.
- Characterize and analyze network traffic and server/cloud performance metrics to identify anomalous activity and potential threats.
- Complete appropriate patching on various systems, including workstations, servers and network equipment such as switches, voice gateways and routers.
- Analyze identified malicious activity to determine means, method, and details of exploitations against agency systems and applications.
- Evaluate commercial software in conjunction with OTI for safe use by NYC DCWP.
- Guide ITOPS in reimage/restore devices and equipment to previous known good states after an incident.
- Validate, analyze, investigate and mitigate reported trouble tickets or incidents from OTI.
- Follow up to ensure DCWP staff are taking and following Cyber Security Training.
- Ensure new software (COTS, on-prem, cloud-based CRM) are being developed following citywide security standards and protocols passes through SDLC and security accreditation (from OTI).
- Follow up on incident reports and app scan reports to ensure that proper mitigation is taking place in timely manner.
- Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems; review and adjust ACL as needed based on source/destination/port by requirement.
- Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
- Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous or suspicious activity.
- Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
- Research emerging threats and vulnerabilities to aid in the identification of incidents.
- Provide users with incident response support, including mitigating actions to contain activity and facilitating forensic analysis when necessary.
- Perform security standards testing against computers or IT equipment before implementation to ensure security standards are met.
- Coordinate with OTI and ITOPS on providing IT inventory, performing DCWP security audits and coordinate comptroller and Criminal Justice Information Security (CJIS) directive audits.

Qualifications

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State's department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in "1" above; or

3. Education and/or experience equivalent to "1" or "2", above. College education may be substituted for up to two years of the required experience in "2" above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.