Brooklyn, NY (Onsite)
Estimated Best in Market
Posted on: 01/17/2023
NG911 - IT Security Analyst
- Conduct firewall system security and vulnerability analyses and risk assessments for NG911.
- Perform Cyber Security and technical threat analysis.
- Develop and maintain Security Incident and Event Manager.
- Evaluate security system controls and monitoring for vulnerabilities.
- Determine security requirements by evaluating strategies and business requirements.
- Analyze potential impact of new threats, develop, and implement expert firewall solutions to mitigate those threats, and communicate risks to public safety agencies.
- Review risks to critical applications and recommend security controls.
- Experience implementing and Maintaining Security Frameworks for Existing and New Systems. (Highly desired)
- Familiarity with cyber threat intelligence and MITRE's ATT&CK framework. (Highly desired)
- Knowledgeable of penetration/vulnerability assessment methodologies and the cyber kill chain. (Highly desired)
- Possess one of the following: CISSP, CSSLP, CEH, CCSK, CompTIA Security+ and/or other IT Security Certs. (Highly desired)
- At least 12 years of experience with Intrusion Prevention Systems and Tools.
- Extensive experience performing Cyber and Technical Threat Analyses.
- Familiarity with Security Regulations and Standards.
- Monitoring and responding to malicious activity, and perform cybersecurity investigations
- Perform technical and forensic investigations.
- Create playbook for security events.
- Analyze system services, operating systems, networks, and applications to address possible cyber attacks
- Automate processes leveraging scripts (Python, batch, etc.).
- Run reports to gather data from SQL databases (SQL).
- Creation of SIEM dashboards to help visualize data and events.
- Set the program strategy and develop approaches to integrate automation/orchestration services into existing and future processes that will support the verticals within Threat Management.
- Respond and resolve basic operational technical Incidents and Requests.