Cyber Threat Analyst

New York City DEPT OF INFO TECH & TELECOMM – Manhattan, NY

$75,000 - $95,000 a yearAbout New York City Cyber CommandNYC Cyber Command was created in 2017 by Executive Order to lead the Citys cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats. NYC Cyber Command is committed to protecting NYC infrastructure and critical systems from malicious attacks through the use of the latest technologies, public-private partnerships, and regular training and exercises for City employees. Job DescriptionThreat Analysts within NYC Cyber Command perform many critical functions within the Threat Management discipline. Chief among these functions is providing 24x7x365 coverage within the Security Operations Center. For this reason, Threat Analysts, must be able and willing to fill night and weekend shifts. Responsibilities will include:

  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources;
  • Coordinate with enterprise-wide cyber defense staff to validate network alerts;
  • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level;
  • Document and escalate incidents (including events history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment;
  • Perform cyber defense trend analysis and reporting;
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack;
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy;
  • Plan and recommend modifications or adjustments based on exercise results or system environment;
  • Provide daily summary reports of network events and activity relevant to cyber defense practices;
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts;
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities;
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity;
  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information;
  • Determine tactics, techniques, and procedures (TTPs) for intrusion sets;
  • Examine network topologies to understand data flows through the network;
  • Recommend computing environment vulnerability corrections;
  • Identify and analyze anomalies in network traffic using metadata;
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings);
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance;
  • Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
  • Minimum Qual Requirements 1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or2. Education and/or experience which is equivalent to 1 above.

    Preferred Skills The preferred candidate should possess the following:
  • Excellent verbal and oral communication skills;
  • Ability to analyze malware;
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems;
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products;
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation);
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies;
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • To Apply
  • Interested applicants with similar civil service titles who meet the preferred requirements should also submit a resume for consideration
  • For City employees, please go to Employee Self Service (ESS), click on Recruiting Activities > Careers, and search for Job ID #390870For all other applicants, please go to and search for Job ID #390870 SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEWAPPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL Department of Information Technology & Telecommunications and the City of New York are equal opportunity employers. DoITT participates in E-Verify

    Hours/Shift Day - Due to the necessary technical support duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings. Day - Due to the necessary technical support duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings.

    Work Location Brooklyn, NY

    Residency Requirement New York City Residency is not required for this position

    All Jobs in Manhattan, NY

    • Threat Analyst

      Rangam Consultants Inc. Brooklyn, NY

      View Job
    • Senior Information Security Analyst (contract)

      ASCAP New York, NY

      View Job
    • Bilingual Russian Cybercrime Intelligence Analyst

      New York District Attorney's Office New York, NY

      View Job
    • Cyber Security Analyst

      Layer 7 Data Solutions Brooklyn, NY

      View Job
    • Threat Analyst

      Layer 7 Data Solutions Brooklyn, NY

      View Job
    • Threat Analyst

      beejAUM Technology Group, Inc Brooklyn, NY

      View Job
    • Cyber Security SOC Analyst - Level 2

      NBCUniversal Englewood Cliffs, NJ

      View Job
    • Security Operations Analyst (Englewood, CO)

      Cognizant Teaneck, NJ

      View Job
    • SOC Incident Response Analyst L1

      Refinitiv New York, NY

      View Job
    • Analyst, Security Operation Center

      Interpublic Group Jersey City, NJ

      View Job
    • Cyber Response Analyst

      Configuration Management, Inc. Englewood Cliffs, NJ

      View Job

    Featured Articles

    Best Oracle Fusion Online Training in USA

    03 May 2016

    Oracle Fusion is a combination of two parts: OFA (Oracle Fusion Applications) and OFM (Oracle Fusion Middleware). OFA and OFM are used to develop different types of business applications. OFM offers technology to deploy, develop, and manage SOA; it also helps in developing JAVA applications. Orac

    read more..

    SAP BPC Online Training By Qualified Trainers

    27 April 2016

    SAP Business Planning and Consolidation (BPC) is a tool that supports financial and operational activities in an organization. It helps an organization in forecast, consolidation, and streamlining business forecast activities. The key benefits provided by SAP BPC include: (1) data collaboration a

    read more..

    Tips For Consulting Companies Before Sponsoring H1B Petition

    22 September 2015

    International candidates who want to work with the foreign companies or international students who want to continue their work in USA after the expiration of F1 visa can apply for the H1B visa. Through the H1B visa these people can enter USA or continue their stay in

    read more..

    Appearing For H1B Visa Interview? Here Are The Tips!

    09 September 2015

    The H1B visa program is the primary method for employers to recruit and hire International professionals and International students to work in the USA. The H1B visa enables US employers to hire foreign professionals for a specified period of time. The

    read more..

    Thanks For Your Feedback

    Attach A Resume First