Vacancy expired!
CERT Specialist

SCOPE OF SERVICES

The CERT Specialist will perform security event and incident detection and handle multiple operational environments, working with various cyber intelligence teams.

TASKS:
- Engage in malware analysis, digital forensics, and campaign assessments, and harmonize response activities among NYC3, City departments, and state, federal, and private partners
- Assist NYC agencies to improve cyber incident response
- Design and participate in cyber tabletop exercises with City departments to identify capability gaps, procedural weaknesses, and critical infrastructure
- Design, build and enhance cyber-incident detection tools and capabilities
- Work with cyber intelligence teams to identify new cyber threats and campaigns and proactively deploy countermeasures
- Serve as the escalation point for high-profile cybersecurity incidents
- Prioritize incident response activities and coordinate response efforts among City departments and external partners
- Investigate cybersecurity incidents through log, file, and malware analysis
- Perform memory, network, and disk forensics
- Devise appropriate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents
- Develop post-incident action plans to improve Mean Time to Recover/Restore
- Maintain knowledge of current cyber threat campaigns and tradecraft
- Participate in on-call rotation
- Minimum 4 years of experience in Threat Management/SOC/Incident Response environment performing security event and incident detection and handling in an operational environment.
- Knowledge of and experience with packet analysis, IDS/IPS technology, and experience reviewing and analyzing security events from monitoring and logging sources
- Excellent verbal and written communication skills
- Previous experience working as a part of an IT Security team
- Formal education or a strong background in Computer Science, Computer Engineering or similar experience
- Incident response experience
- Active knowledge of current trends in computer security, software/hardware vulnerabilities
- Active interest in current security research
- Ability to work as part of a CERT which may require rotational weekday/weekend on-call coverage
- Strong sense of teamwork, an inquisitive mind, and the desire to share knowledge
- Ability to understand and implement technical vulnerability corrections
- Experience in website and web application security assessment or penetration testing
- Experience conducting malware analysis
- Experience with automation, scripting (Python, Perl, Ruby, etc.)
- Understanding of intrusion analysis
- Knowledge of multiple operating systems (Windows, Linux, OS X)
- Security product assessments
- Host and network forensics
- Development of security tools