About Cyber Command
New York City Office of Technology and Innovation (OTI) Cyber Command is committed to protecting City systems that provide vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.

As the organization defending the largest municipality in the country, OTI-Cyber Command is charged with directing citywide incident response, setting citywide cyber-security policies and standards and working with city agencies to strengthen their cyber defenses.

Mission Statement
"To lead and execute an innovative, intelligence-driven, risk-informed cyber defense and response strategy -- with the support of key partners and allies -- that enables the city government to properly function and provide services to New Yorkers."

Vision Statement
"New York City the most cyber-resilient city in the world"

Job Description
Cyber Command's Threat Management College Aide will be assigned to work in one of Threat Management's six (6) divisions (Security Operations Center (SOC), Computer Emergency Response Team (CERT), Cyber Threat Intelligence (CTI), Counter Threat Automation (CTA), Vulnerability Management (VM), or Agency Incident Response Readiness (AIRR) teams and will be assigned to:
- Lead, execute, and advise on prevention, detection, response, and recovery strategies, through incident response planning and engagement, continuous monitoring and triage, integrated cyber threat intelligence, and counter threat automation and orchestration;
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity;
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings);
- Maintain knowledge of the current security threats and actors and their relevance to the City by monitoring reports and intel sources;
- Build metrics utilizing a data security approach to gain insight into attacks and responses to incidents within the City of New York;
- Participate and assist in testing new technologies and products to determine their effectiveness within the OTI infrastructure;
- Build detection rules with the log management solution to alert on anomalous behavior indicative of a malicious threat actor;
- Deliver recommendations and actions to improve the detection, escalation, containment and resolution of incidents;
- Build, develop, and deploy playbooks that will enable effective triaging of incidents;
- Assist in root cause analysis of high severity incidents.

For Assignment Level I:
Matriculation at an accredited college or graduate school. Employment is conditioned upon continuance as a student in a college or graduate school.
For Assignment Level II (Information Technology):
Matriculation at an accredited college or graduate school. Employment is conditioned upon continuance as a student in a college or graduate school with a specific course of study in information technology, computer science, management information systems, data processing, or closely related field, including or supplemented by 9 semester credits in an acceptable course of study.
For Assignment Level III (Information Technology Fellow):
Matriculation at an accredited college or graduate school. Employment is conditioned upon continuance as a student in a college or graduate school with a specific course of study in information technology, computer science, management information systems, data processing, or other area relevant to the information technology project(s) assigned, including or supplemented by 9 semester credits in an acceptable course of study. Appointments to this Assignment Level will be made by the Technology Steering Committee through the Department of Information Technology and Telecommunications.

SPECIAL NOTE
Maximum tenure for all Assignment Levels in the title of College Aide is 6 years. No student shall be employed more than half-time in any week in which classes in which the student is enrolled are in session. Students may be employed full-time during their vacation periods.

The preferred candidates should possess the following: - Ability to work independently and creatively in a fast-paced environment - Strong organizational and data management skills related to tracking, reporting and data based needs assessment - Ability to conduct research in at least one or more the following subjects: managed security services, incident response, network forensics, threat research and monitoring, platform engineering, vulnerability management - Knowledge of G-Suite and O365 platforms - Effective communication, customer relations, and interpersonal skills - Experience working with all levels of the organization - Familiarity with Cyber Threat Management concepts - Ability to handle multiple tasks under tight deadlines - Ability to maintain confidentiality - Experience in managing expectations and relations with multiple stakeholders.

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.