The New York City Department of Environmental Protection (DEP) protects public health and the environment by supplying clean drinking water, collecting, and treating wastewater, and reducing air, noise, and hazardous materials pollution. DEP is the largest combined municipal water and wastewater utility in the country, with nearly 6,000 employees. We deliver 1.1 billion gallons of high-quality drinking water per day to 8.5 million New York City residents and more than 1 million people in Upstate New York, and we collect and treat an average of 1.3 billion gallons of wastewater per day.

The New York City Department of Environmental Protection’s (DEP) Bureau of Business Information Technology (BIT) is responsible for providing quality business, technical and IT system support to our users. This commitment is realized through collaboration, strong relationships, and a unified vision with our partners at DEP to provide quality technology solutions to our business needs. Providing these services allows us to ensure that DEP continues its tradition of delivering excellent service to the residents of New York City.
The New York City Department of Environmental Protection Bureau of Business Information Technology seeks to hire three (3) Cyber Security analysts to provide support to the State's Security Operation Command (SOC) Center aligning with our Agency’s Information Security Unit.

Main Tasks/Critical Duties are outlined below:

Under the direction of the Information, the Cyber Security Analyst Level II will be responsible for the duties outlined below:
-Identify business needs, design processes, and leverage technology and security best practices to ensure NYC DEP employees continue to deliver first-class services to our customers.
-Serve as a subject matter expert in developing content for cyber defense tools and coordinate with agency-wide cyber defense staff to validate Security Operations Center (SOC) alerts.
- Deliver services and solutions using the suite of Microsoft PowerApps, Power BI, SharePoint, Power Automate, Microsoft Teams, and data integrations.
-Serve as a subject matter expert on characterizing and analyzing network traffic to identify anomalous activity and potential threats to network resources.
-Create, maintain, and administer a library of automated playbooks for common information security threats and customize these plans for specific environments.
-Perform regular updates of existing Playbooks based on requirements provided by operations teams for changes in the Threat Landscape.

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or

3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

One (1) year plus year of experience with cybersecurity operations. One (1) year plus of experience triaging technical support, research, investigation, and reviewing of system logs and events such as Windows logs, applications logs, antivirus logs, Intrusion Detection/Prevention System, and cybersecurity appliances. One (1) year plus of experience with Wireshark, Endpoint Detection and Response (EDR), and Security information and event management (SIEM). Familiarity with cybersecurity best practices, security assessment methodology, vulnerability management, Cyber Kill Chain and MITRE ATT&CK. Possess good customer service and interpersonal skills.

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.