The Office of Technology and Innovation (OTI) oversees all Citywide technology, privacy, cybersecurity, infrastructure, and telecommunications to ensure the security of, and enhance, City operations and service delivery to New York City's residents, businesses, employees, and visitors. As the City's technology and innovation leader, OTI is responsible for operating, maintaining, and securing IT infrastructure and systems that touch every aspect of City life from public safety to human services, from education to economic development crossing the full spectrum of governmental operations.

About Threat Management
Technical Intelligence Analysts within Cyber Command perform many critical functions within the Threat Management discipline. Chief among these functions is providing the key stakeholders of the Threat Management team with direct operational support by consuming and analyzing tactical and technical intelligence, as well as coordinating between operators and the CTI Director. The Cyber Intel Analysts tasks are described below:

Responsibilities will include:
- Provide intelligence support to primary operators, and also to directly assist or execute investigative efforts or tasks;
- Assist hunt missions to augment detection capabilities to identify threats across Cyber Command operating environment;
- Responsible for the collection, processing, analysis, and dissemination of tactical intelligence (IOC’s) and products (finished reports) throughout Cyber command and partner organizations;
- Develop, maintain, and execute threat and risk communication processes that advise NYC3 network defenders;
- Responsible for pushing indicators to security defenses from Cyber Command’s Threat Intelligence Platform (TIP) and coordinating activity with defensive operators;
- Perform network, host, and kill chain analysis on malware behavior and intrusion sets;
- Conduct research for tracking certain code families, campaigns, or actors through technical analysis of data, malicious codes, and infrastructure;
- Employ predictive analytic methods to determine changes in adversary’s capabilities, motivations, and intent, while providing recommendations to reduce risk before exposure to threats occur;
- Provide direct analytic support to the Security Operations Center, including Incident Response and Risk Analysts, to add context to active investigations and threats using intelligence;
- Create and present custom threat briefing materials for Cyber Command’s operational teams to provide tactical situational awareness.

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or

3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

The preferred candidate should possess the following: - Excellent verbal and written communication skills are required - Experience working in a security environment and/or supporting security teams from a technical standpoint - In-depth knowledge of the current cyber threat landscape, with a specific focus on the technical aspects of adversarial Tactics, Techniques and Procedures (TTPs) and their relation to the cyber kill chain and other analytical models - Fundamental analytic tradecraft skill sets, with extensive experience in the extraction and analysis of tactical intelligence from investigations - Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation) - Strong understanding of vulnerability and exploitation concepts, or experience in penetration testing - Expertise in host and network-based forensics, or Incident Response best practices - Strong understanding of dynamic/behavioral malware analysis methods and technology - Experience in host and network-based defense, or monitoring and detection best practices - Ability to obtain a security clearance is strongly preferred.

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.