11 Metro Tech 5th Floor (SOC), Brooklyn NY 11201
SCOPE OF SERVICES: The experienced Specialist will augment staff in the 24x7x365 Security Operations Center including nights, weekends and holidays to monitor the health of City networks.
The resource function is essential to OTI Cyber Command’s ability to defend City systems from cyber threat including direct support of life safety, revenue generating, and COVID response operations. The rapid shift to and from telework supported the acquisition of 300k+ new City-owned devices that facilitate remote access and remote learning, which has significantly expanded the City’s attack surface. The resource will contribute to OTI Cyber Command’s ability to issue timely vulnerability notifications and prioritized system patching info. Without timely vulnerability notification, the city cannot effectively adjust its defensive controls resulting in increased likelihood of cyber events that may require costly remediation efforts.
Perform many critical functions within the Threat Management discipline including staffing 24x7x365 coverage at the City’s Security Operations Center (SOC) augmenting FTE shift schedules including nights, weekends and holidays.
Interface with OTI Cyber Command teams internally, with City agencies, vendors and information-sharing partners.
Monitor City networks and security alerts for intrusion, attempted compromise and anomalous behavior; apply mitigation techniques or escalation factors; correlate threat intelligence across various logs collected by established security controls.
7/ 8 years of experience in Threat Management/SOC/Incident Response environment.
Strong understanding of network and host technologies
Experience applying techniques for detecting host and network-based intrusion using IDS methods and technologies
Experience with SIEM technologies, malware analysis and mitigation techniques
Apply cybersecurity and privacy principles to organizational requirements (confidentiality, integrity, availability, authentication, non-repudiation)
Interpret information collected by diagnostic network tools
Ability to investigate and solve complex problems