This position will interface with various IT departments and provide information to IT leadership with respect to current infrastructure security events, reporting, investigation monitoring and day to day security operation. The following desired knowledge, skills, and abilities are required for this position. Excellent organizational, decision making and communications skills. Excellent knowledge of network security operations with a solid understanding of the technology. Good to excellent attention to detail. Excellent creative problem-solving abilities, coupled with a desire to take on responsibility. Strong team player and people skills with the ability to engage and motivate fellow staff members to drive results. Ability to handle multiple tasks in a fast-paced environment, and prioritize highly varied work in order to maintain required productivity levels. Ability to communicate technical info and ideas so others will understand. Ability to make appropriate decisions considering the relative costs and benefits of potential actions. Ability to apply varying team player traits that create solutions and results to unexpected situations. Ability to assist and motivate less experienced team members to achieve our goals.
Responsibilities Include the Following:
* Work alongside / within a group of technical security staff responsible for the management, response, and reporting to all MTA Computer and Network security related incidents, performing forensic investigations on advance threat analysis. This position will also be responsible for all statistical analysis, performing simulation and incident testing in a lab environment, correlation of events, trend analysis, comparing against security policy and vulnerability database.
* Examining physical memory dumps, volatile data and system audit captures, NTFS $MFT files, Windows Registry hives, Windows Event logs, running processes, active network connections, system logs, and select file attributes
* Web Application Security - Develop and assist the MTA in improving web application security, developing use cases, analyzing and leading incident response related web application security. Along with incidents withing the cloud host platforms such as Amazon and Azure
* RSA Application Expert Analyst. must have expert ability to leverage RSA platform during forensic investigations
* Conducting with conducting Cyber Security Table Top Exercises.
* Building and Maintaining Cyber Security Incident Response Plans.
* Participate / assist with the management and monitoring, analyzing and reporting of security incident and day to day security events with primary focus on highly critical systems holding PPSI, PCI and HIPPA data to make sure proper security controls are in place.
* Participate / assist with incident reporting and providing forensic investigation reports to management, notifying, and coordinating changes with all MTA agencies and departments as a result of security incidents.
* Perform project management and assist with forecasting, budgeting, and monitoring of data security projects and procedures as they relate to Cyber Security Operation Center. Assist the Cyber Security Incident and Monitoring and Security Support team as per MTA and New York State security policies and procedures.
* Responsible to provide 24x7x365 level 2 support as it relates to all security incident and play primary role in forensic investigation at Cyber Security Operation Center at MTA.
* Assist as directed the CSOC focal point in any Cyber Security investigation that requires involvement with law enforcement agencies.
* Assist with lifecycle replacement and upgrades throughout MTA for all Cyber Security Incident Response infrastructures.
Candidate must possess expert level skills with multiple programming languages and must demonstrate that they can reverse engineer malware code. The Candidate must be an expert in Cyber Security Incident Response processes. Must be proficient with UNIX, Windows, OSX and Mobile Devices. Candidate must be proficient with the administration of Office365 and all its security features.
Red Hat Linux
Unis Shell Scripting
Oracle Application Development