Job Description
Job Description
Job Title : Cyber Security Analyst
Location : Harlem, NY 10039
Job Type : Contract
Work schedule : Normal business hours Monday-Friday 35 hours / week (not including mandatory unpaid meal break after 6 hours of work).
Duration : 6 Years
Scope of Services :
The Contractor / cybersecurity analyst would perform a variety of services, both in-person at NYC Health Department locations and, if needed, remotely, including but not limited to :
- Identifying and mitigating complex IT technical threats to computer systems, networks, and data.
- Using technical IT tools and IT software to monitor, analyze, and defend against cyberattacks.
- Monitoring and analyzing network traffic, configuring firewalls, intrusion detection / prevention systems and conducting vulnerability assessments.
- Managing and protecting endpoints such as desktops, laptops, servers, and mobile devices from malware, ransomware, and other threats.
- Investigating security incidents, identifying root causes, and implementing corrective actions to prevent future occurrences.
- Utilizing SIEM tools to collect, correlate and analyze security event data for threat detection and responses.
- Monitoring and analyzing emerging threats, vulnerabilities, and attack vectors to proactively defend against cyber threats.
- Performing Penetration testing.
- Keeping abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management.
- Advising the agency on any changes requested by third parties to security and privacy provisions of agreements or contracts.
- Collaborating with IT project management and operational teams to design secure cloud infrastructure plans and services.
Performing analysis on the security of all cloud services, including but not limited to : AWS, Microsoft Azure, Google, etc.
- Providing subject matter expertise on cloud security, automation, and virtualization.
- Developing, documenting, and validating policies, processes, and procedures relating to a variety of cloud concepts and standards.
- Developing cloud security metrics to analyze risks and identify potential opportunities to reduce vulnerabilities.
- Collaborating with all parties and the city's Cyber Command Center to obtain cloud solution dispositions and update agency inventory lists.
Experience and Organizational Capability :
The contractor / cybersecurity analyst would have the following credentials, organizational capability, and / or experience :
- A bachelor's degree in information technology or Computer Science.
- An industry recognized certification within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
- A minimum of three (3) years of experience working in an IT or computer-related field. Greater consideration will be given to contractors with greater than 5 years of experience.
- A minimum of three (3) years of hands-on technical experience in cloud administration.
- At least 1 year of experience :
with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF).
In an Information & Network Security occupation preferred.