Job Description
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Watch our welcome video to see our work in action, follow us on social media @NYCOfficeofTech, and visit oti.nyc.gov to learn more.
At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.
Cyber Command’s Cyber Threat Intelligence (CTI) program focuses on collecting, processing, analyzing, and disseminating actionable intelligence to stakeholders to provide the context needed to make informed decisions to respond to threats and mitigate risks to City systems and data. Senior Technical Intelligence Analysts within NYC Cyber Command perform many critical functions in support of the program’s areas of focus, mainly by:
- providing direct support to key verticals of the Threat Management team by consuming and analyzing technical and operational intelligence in order to respond to stakeholder needs and requests;
- coordinating between intelligence analysts and the CTI Director;
- acting as the liaison between security operators and the CTI team; and
- providing intelligence support to security operators in the form of assistance to hunt missions, augmentation of detection capabilities, support for response efforts from a technical perspective, extracting and correlating indicators or artifacts to primary operators, and directly assisting or executing investigative efforts or tasks.
Responsibilities will include:
- Lead the creation of strategic, operational, and tactical intelligence relevant to stakeholders within the City of New York and its dissemination in briefings and written reports;
- Lead in the development of relevant, timely, and accurate threat intelligence support to network defenders at NYC3: provide analyst support to NYC3 operators and disseminate analysis through threat intelligence platform;
- Lead the delivery of products and services in alignment with intelligence requirements: capture intelligence requirements and capture metrics on intelligence requirements serviced;
- Oversee the college aid and internship programs and provide use cases for project development;
- Manage operation and improvement of the threat intelligence and analysis platform in coordination with the Content Manager and other analysts: carry out upkeep activities and disseminate indicators from platform;
- Lead cross team collaboration for emerging threat workstreams;
- Create and document detailed standard operating procedures and playbooks;
- Lead the intake and implementation of relevant feedback for technical intelligence products and services and map feedback to Intelligence Requirements;
- Lead the research and tracking of threat actors, malware, and campaigns: ensure analysts are properly tracking threats tied to intelligence requirements and coordinate with intelligence analysts and other teams within NYC3;
- Maintain relationships with existing and new vendors that provide intelligence support, analytical support, and toolsets;
- Handle special projects and initiatives as assigned.
HOURS/SHIFT
Day - Due to the necessary technical duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings.
WORK LOCATION
Brooklyn, NY
TO APPLY
* Interested applicants with other civil service titles who meet the preferred requirements should also submit a resume for consideration
Please go to www.cityjobs.nyc.gov and search for Job ID #768148
SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW
APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL
OTI participates in E-Verify
IT SECURITY SPECIALIST - 95622
1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
2. Education and/or experience which is equivalent to "1" above.
The successful candidate should possess the following:
- Ability to work independently and function effectively as part of a team in a dynamic environment
- Extensive experience working in a security environment and/or supporting security teams from a technical standpoint
- Extensive experience in the extraction and analysis of tactical intelligence from investigations
- Prior experience working in intelligence and knowledge of intelligence tradecraft, including the intelligence cycle, structured analytic techniques, and intelligence writing and briefing
- Strong written and verbal communication skills including organization, presentation and facilitation skills
- Proficient analytical qualities that include logical reasoning, critical thinking, and problem solving
- Proficient with applications such as Microsoft Office or comparable products
- Demonstrate a clear understanding of the component parts of intelligence-driven threat hunting
- Knowledge of the current cyber threat landscape, with a specific focus on the technical aspects of adversarial Tactics, Techniques and Procedures (TTPs) and their relation to the cyber kill chain and other analytical models
- Knowledge of standard monitoring, detection, and response security functions
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation)
- Understanding of foundational threat intelligence analysis frameworks, including the Diamond Model and Kill Chain
- Working knowledge of intelligence analysis applications, tools, and systems including Maltego and OpenCTI
- Familiarity with various technologies such as SIEM, IDS/IPS, Proxy, Endpoint, and enterprise incident management systems
- Understanding of vulnerability and exploitation concepts, or experience in penetration testing
- Extensive experience in host and network-based forensics, or Incident Response best practices
- Strong understanding of dynamic/behavioral malware analysis methods and technology
- Extensive experience in host and network-based defense, or monitoring and detection best practices
- Demonstrate an ability to actively work with vendors who provide intelligence support, analytical support, and toolsets
- Ability to obtain a security clearance
As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.
New York City Residency is not required for this position
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Job ID
768148
Posted until
2026-04-06
Title code
95622
Civil service title
IT SECURITY SPECIALIST
Title classification
Non-Competitive-5
Business title
Senior Technical Intelligence Analyst
- Experienced (non-manager)
Job level
00
Number of positions
1
Work location
2 Metro Tech
- Technology, Data & Innovation