Cyber Security Analyst

Job Description

Job Description

Job Title : Cyber Security Analyst

Location : Harlem, NY 10039

Job Type : Contract

Work schedule : Normal business hours Monday-Friday 35 hours / week (not including mandatory unpaid meal break after 6 hours of work).

Duration : 6 Years

Scope of Services :

The Contractor / cybersecurity analyst would perform a variety of services, both in-person at NYC Health Department locations and, if needed, remotely, including but not limited to :

• Identifying and mitigating complex IT technical threats to computer systems, networks, and data.
• Using technical IT tools and IT software to monitor, analyze, and defend against cyberattacks.
• Monitoring and analyzing network traffic, configuring firewalls, intrusion detection / prevention systems and conducting vulnerability assessments.
• Managing and protecting endpoints such as desktops, laptops, servers, and mobile devices from malware, ransomware, and other threats.
• Investigating security incidents, identifying root causes, and implementing corrective actions to prevent future occurrences.
• Utilizing SIEM tools to collect, correlate and analyze security event data for threat detection and responses.
• Monitoring and analyzing emerging threats, vulnerabilities, and attack vectors to proactively defend against cyber threats.
• Performing Penetration testing.
• Keeping abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management.
• Advising the agency on any changes requested by third parties to security and privacy provisions of agreements or contracts.
• Collaborating with IT project management and operational teams to design secure cloud infrastructure plans and services.

Performing analysis on the security of all cloud services, including but not limited to : AWS, Microsoft Azure, Google, etc.

• Providing subject matter expertise on cloud security, automation, and virtualization.
• Developing, documenting, and validating policies, processes, and procedures relating to a variety of cloud concepts and standards.
• Developing cloud security metrics to analyze risks and identify potential opportunities to reduce vulnerabilities.
• Collaborating with all parties and the city's Cyber Command Center to obtain cloud solution dispositions and update agency inventory lists.

Experience and Organizational Capability :

The contractor / cybersecurity analyst would have the following credentials, organizational capability, and / or experience :

• A bachelor's degree in information technology or Computer Science.
• An industry recognized certification within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
• A minimum of three (3) years of experience working in an IT or computer-related field. Greater consideration will be given to contractors with greater than 5 years of experience.
• A minimum of three (3) years of hands-on technical experience in cloud administration.
• At least 1 year of experience :

with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF).

In an Information & Network Security occupation preferred.