The Office of Technology and Innovation (OTI) oversees all Citywide technology, privacy, cybersecurity, infrastructure, and telecommunications to ensure the security of, and enhance, City operations and service delivery to New York City's residents, businesses, employees, and visitors. As the City's technology and innovation leader, OTI is responsible for operating, maintaining and securing IT infrastructure and systems that touch every aspect of City life from public safety to human services, from education to economic development crossing the full spectrum of governmental operations.

At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology, transition our existing data infrastructure to a cloud-centric platform, and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.

About New York City Cyber Command
The New York City Office of Technology and Innovation (OTI) Cyber Command is committed to protecting City systems and technology infrastructure that provide and enable vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.

As the organization defending the largest municipality in the country, OTI Cyber Command is charged with directing citywide incident response, setting citywide cybersecurity policies and standards and working with city agencies to strengthen their cyber defenses.

Mission Statement
"To lead and execute an innovative, intelligence-driven, risk-informed cyber defense and response strategy -- with the support of key partners and allies -- that enables the city government to properly function and provide services to New Yorkers”.

Vision Statement
"New York City the most cyber-resilient city in the world"

Job Description
Computer Emergency Response Team (CERT) Specialists serve the City of New York as a senior-level cybersecurity advisor and practitioner, whose expertise will guide the development, enhancement, and deployment of City-wide incident response policies and procedures. This team is the escalation point for high-profile cybersecurity incidents impacting City agencies. The CERT team engages in malware analysis, digital forensics, and campaign assessments; and harmonizes response activities among OTI- Cyber Command, City departments, and state, federal, and private partners. Specialists work alongside internal teams such as, but not limited to, cyber threat intelligence, counter-threat automation, urban technology, and data science teams to innovate detection, investigation, response, and remediation methods and capabilities.

Responsibilities include:
- Assist NYC agencies in improving cyber incident response;
- Design and participate in cyber tabletop exercises with City departments to identify capability gaps, procedural weaknesses, and critical infrastructure;
- Design, build and enhance cyber-incident detection tools and capabilities;
- Work with cyber intelligence teams to identify new cyber threats and campaigns and proactively deploy countermeasures;
- Serve as the escalation point for high-profile cybersecurity incidents;
- Prioritize incident response activities and coordinate response efforts among City departments and external partners;
- Investigate cybersecurity incidents through log, file, and malware analysis;
- Perform memory, network, and disk forensics;
- Devise appropriate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents;
- Develop post-incident action plans to improve Mean Time to Recover/Restore;
- Maintain knowledge of current cyber threat campaigns and tradecraft;
- Participate in on-call rotation;
- Handle special projects and initiatives as assigned.

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to "1" above.

The preferred candidate should possess the following: - Experience in performing security event and incident detection and handling in an operational environment such as SOC, CSIRT, CERT, etc. - Experience reviewing and analyzing security events from various monitoring and logging sources - Knowledge of and experience with packet analysis and IDS/IPS technology - Experience in website and web application security assessment or penetration testing - Previous experience working as a part of an IT Security team - Formal education or a strong background in Computer Science, Computer Engineering or similar experience - Incident response experience - Active knowledge of current trends in computer security, software/hardware vulnerabilities - Active interest in current security research - Ability to work as part of a CERT which may require rotational weekday/weekend on-call coverage - Strong sense of teamwork, an inquisitive mind, and the desire to share knowledge - Ability to understand and implement technical vulnerability corrections - Experience conducting malware analysis - Experience with automation, scripting (Python, Perl, Ruby, etc.) - Understanding of intrusion analysis - Knowledge of multiple operating systems (Windows, Linux, OS X) - Security product assessments - Host and network forensics - Cloud security - Excellent verbal and written communication skills - Development of security tools.

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/

New York City Residency is not required for this position

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.