Cyber Security Analyst

Cyber Security Analyst

The NYC Department of Consumer and Worker Protection (DCWP) protects and enhances the daily economic lives of New Yorkers to create thriving communities. DCWP licenses more than 51,000 businesses in more than 40 industries and enforces key consumer protection, licensing, and workplace laws that apply to countless more. By supporting businesses through equitable enforcement and access to resources and, by helping to resolve complaints, DCWP protects the marketplace from predatory practices and strives to create a culture of compliance. Through its community outreach and the work of its offices of Financial Empowerment and Labor Policy & Standards, DCWP empowers consumers and working families by providing the tools and resources they need to be educated consumers and to achieve financial health and work-life balance. DCWP also conducts research and advocates for public policy that furthers its work to support New York City's communities. DCWP is seeking to hire a Cyber Security Analyst Level II to join its IT Services Division. Under the direction of the Executive Director Infrastructure, the Cyber Security Analyst Level II will assist with implementing cybersecurity policies, standards, directives, and guidelines that draws heavily from citywide cyber policies implemented by the City of New York for all agencies. The Cyber Security Analyst defends against cybersecurity incidents and identifies, analyzes, communicates and contains incidents as they occur. This cybersecurity role requires excellent communication skills, creativity, strong technical background, and familiarity with tradition and emerging security technologies and practices. The activities of this role will be split between day-to-day operations and working on new and existing cybersecurity related projects.

Major Responsibilities:

• Assist DoTSS in liaising with the NYC Office of Technology and Innovation (OTI) by ensuring any security threats are mitigated by DCWP in a timely manner.
• Respond to alerts and events that could threaten the Agency's information technology security posture.
• Characterize and analyze network traffic and server/cloud performance metrics to identify anomalous activity and potential threats.
• Complete appropriate patching on various systems, including workstations, servers and network equipment such as switches, voice gateways and routers.
• Analyze identified malicious activity to determine means, method, and details of exploitations against agency systems and applications.
• Evaluate commercial software in conjunction with OTI for safe use by NYC DCWP.
• Guide ITOPS in reimage/restore devices and equipment to previous known good states after an incident.
• Validate, analyze, investigate and mitigate reported trouble tickets or incidents from OTI.
• Follow up to ensure DCWP staff are taking and following Cyber Security Training.
• Ensure new software (COTS, on-prem, cloud-based CRM) are being developed following citywide security standards and protocols passes through SDLC and security accreditation (from OTI).
• Follow up on incident reports and app scan reports to ensure that proper mitigation is taking place in timely manner.
• Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems; review and adjust ACL as needed based on source/destination/port by requirement.
• Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
• Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous or suspicious activity.
• Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
• Research emerging threats and vulnerabilities to aid in the identification of incidents.
• Provide users with incident response support, including mitigating actions to contain activity and facilitating forensic analysis when necessary.
• Perform security standards testing against computers or IT equipment before implementation to ensure security standards are met.
• Coordinate with OTI and ITOPS on providing IT inventory, performing DCWP security audits and coordinate comptroller and Criminal Justice Information Security (CJIS) directive audits.

Minimum Qualifications

1. A baccalaureate degree from an accredited college including or supplemented by 24 semester credits in computer science or a related computer field and one year of satisfactory full-time computer software experience in computer systems development and analysis, applications programming, database administration, maintenance and support, systems programming, data communications, mainframe development, mobile development, web development and design; or 2. A four-year high school diploma or its educational equivalent and five years of satisfactory full-time computer software experience as described in "1" above; or 3. Education and or/or experience equivalent to "1" or "2" above. College education may be substituted for up to two years of the required experience in "2" above on the basis that 60 semester credits from an accredited college is equated to one year of experience. In addition, 24 semester credits from an accredited college or graduate school in computer science or a related field, or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience. However, all candidates must have at least a four-year high school diploma or its educational equivalent and at least one year of satisfactory full-time experience as described in "1" above.

Preferred Skills

1. Experience in IT audit, enterprise risk management, penetration tester, red team/incident responder or as a junior security operations analyst. 2. Experience with regulatory compliance and information security management frameworks (such as International Organization for Standardization [IS0] 27000-1 or 27000-2, COBIT, National Institute of Standards and Technology [NIST] 800-53 or 800-171). 3. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one. 4. An ability to effectively influence others to modify their opinions, plans or behaviors. 5. An understanding of organizational mission, values, goals and consistent application of this knowledge. 6. Strong problem-solving and troubleshooting skills. 7. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM). 8. Understanding of privilege access management for severs (preferred knowledge of Delinea/Centrify) 9. Familiarity with CISA Binding Operational Directives. 10. Familiarity with Trellix/McAfee/CrowdStrike/Rapid7, and Azure.

55a Program

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

Public Service Loan Forgiveness

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education's website at

Residency Requirement

New York City Residency is not required for this position

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.