Cyber Security Analyst
NYC Department of Consumer and Worker Protection
2024-11-04 22:38:38
New York City, New York, United States
Job type: all
Job industry: I.T. & Communications
Job description
This position may be eligible for remote work up to 2 days per week, pursuant to the Remote Work Pilot Program agreed with the City
To Apply: Email your resume and cover letter to with the Job ID number and Position Name in the subject line
The NYC Department of Consumer and Worker Protection (DCWP) protects and enhances the daily economic lives of New Yorkers to create thriving communities. DCWP licenses more than 45,000 businesses in more than 40 industries and enforces key consumer protection, licensing, and workplace laws that apply to countless more. By supporting businesses through equitable enforcement and access to resources and, by helping to resolve complaints, DCWP protects the marketplace from predatory practices and strives to create a culture of compliance. Through its community outreach and the work of its offices of Financial Empowerment and Labor Policy & Standards, DCWP empowers consumers and working families by providing the tools and resources they need to be educated consumers and to achieve financial health and work-life balance. DCWP also conducts research and advocates for public policy that furthers its work to support New York Citys communities. For more information about DCWP and its work, call 311 or visit DCWP at nyc.gov/dcwp or on its social media sites, Twitter, Facebook, Instagram and YouTube.
In 2016, following DCWPs successful implementation of the Citys Paid Sick Leave Law, DCWPs mandate expanded yet again to add the Office of Labor Policy & Standards (OLPS), which is NYCs central resource for workers and a dedicated voice for workers in City government. OLPS is the largest municipal labor standards office in the country and is charged with conducting original data collection and research, policy development, education and outreach on key workplace issues, and advocating for and enforcing a new generation workplace protections. DCWP now stands at the nexus of consumers, businesses, and working families in New York City and is pioneering how city government can protect and enhance the lives of all of players in the marketplace, including consumers, business and workers, and how that work ultimately fosters stronger, more sustainable, and thriving communities. Through its Office of Financial Empowerment, DCWP assists low-income and immigrant New Yorkers to build assets and make the most of their financial resources by providing free financial counseling at Financial Empowerment Centers across the City, access to mainstream banking, and encouraging Earned Income Tax Credit utilization. DCWP is seeking to hire a Cyber Security Analyst Level II to join its IT Services Division. Under the direction of the Executive Director Infrastructure, the Cyber Security Analyst Level II will assist with implementing cybersecurity polices, standards, directives, and guidelines that draws heavily from citywide cyber policies implemented by the City of New York for all agencies.
The Cyber Security Analyst defends against cybersecurity incidents and identifies, analyzes, communicates and contains incidents as they occur. This cybersecurity role requires excellent communication skills, creativity, strong technical background, and familiarity with tradition and emerging security technologies and practices. The activities
of this role will be split between day-to-day operations and working on new and existing cybersecurity related projects.
Major Responsibilities:
Under supervision, with latitude for independent initiative and decision making, assist DoTSS in liaising with the NYC Office of Technology and Innovation (OTI) by ensuring any security threats are mitigated by DCWP in a timely manner.
With an effort to remain proactive and stay ahead of the issues, respond to alerts and events that could threaten the Agencys information technology security posture.
Characterize and analyze network traffic and server/cloud performance metrics to identify anomalous activity and potential threats.
Complete appropriate patching on various systems, including workstations, servers and network equipment such as switches, voice gateways and routers.
Analyze identified malicious activity to determine means, method, and details of exploitations against agency systems and applications.
Evaluate commercial software in conjunction with OTI for safe use by NYC DCWP.
Guide ITOPS in reimage/restore devices and equipment to previous known good states after an incident.
Validate, analyze, investigate and mitigate reported trouble tickets or incidents from OTI.
Follow up to ensure DCWP staff are taking and following Cyber Security Training.
Ensure new software (COTS, on-prem, cloud-based CRM) are being developed following citywide security standards and protocols passes through SDLC and security accreditation (from OTI).
Follow up on incident reports and app scan reports to ensure that proper mitigation is taking place in timely manner.
Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems; review and adjust ACL as needed based on source/destination/port by requirement.
Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous or suspicious activity.
Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
Research emerging threats and vulnerabilities to aid in the identification of incidents.
Provide users with incident response support, including mitigating actions to contain activity and facilitating forensic analysis when necessary.
Perform security standards testing against computers or IT equipment before implementation to ensure security
standards are met.
Coordinate with OTI and ITOPS on providing IT inventory, performing DCWP security