About the New York City Police Pension Fund
The New York City Police Pension Fund (NYCPPF or the “Fund”) is dedicated to providing superior service to its 36,000 active members and 43,000 retired members of the New York City Police Department (NYPD). We remain committed to providing courteous, professional service by providing customized attention throughout our lifelong partnership with the uniformed staff of the NYPD and their families. We are looking for individuals with passion, dedication and commitment to excellence and innovation who are interested in adding to our dynamic and collaborative work environment. Please visit us at www.nyc.gov/nycppf to learn more.

Job Description
The Cyber Security Analyst will be responsible for ensuring the security and integrity of the agency’s information systems and data. The Cyber Analyst will be responsible for monitoring network activity, conducting security assessments, implementing security measures, and responding to security incidents in a timely manner. While this person will be reporting to the Director of IT Operations, they will be working directly with PPF’s virtual Chief Information Security Officer. The duties and responsibilities of this candidate will include, but are not limited to, the following:
- Monitoring network and security systems for potential security threats, including intrusion detection and prevention systems, firewalls, and anti-virus software;
- Investigating and responding to security incidents, including malware outbreaks, network intrusions, and unauthorized access attempts;
- Performing vulnerability assessments and penetration testing to identify and remediate security risks;
- Conducting security audits and risk assessments to identify and evaluate potential security risks to the organization;
- Developing and implementing security policies and procedures, including access controls, incident response plans, data backup and recovery strategies;
- Keeping up to date with the latest security trends, threats, and technologies, and making recommendations for improving the organization's security posture;
- Collaborating with other IT and security teams to ensure the seamless integration of security measures into existing systems and infrastructure;
- Providing technical guidance and support to other IT staff on security-related issues;
- Providing security awareness training and education to employees and stakeholders to promote a culture of security;
- Staying informed of new threats and vulnerabilities and making recommendations for updating the organization's security measures to address them;
- Other projects and assignments, as assigned.

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or

3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

- A solid understanding of cybersecurity principles, concepts, and best practices. This includes knowledge of various types of cyber threats, attack vectors, and common vulnerabilities. Familiarity with security best practices and industry standards, such as the principle of least privilege, defense-in-depth, secure remote access, and security auditing - Understanding of threat landscapes, emerging attack vectors, and knowledge of threat intelligence sources to stay updated about the latest cyber threats - Basic knowledge of analyzing and dissecting malware samples to understand their behavior and potential impact - Proficiency in working with SIEM tools such as Splunk, ELK Stack, or IBM QRadar to collect, correlate, and analyze security events for early threat detection - Being able to effectively respond to and manage security incidents - Security Certification such as CISM, CISSP, CISA, CCSP.

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.