Job Title: Cyber Security Analyst Location: Harlem, NY 10039 Job Type: Contract Work schedule: Normal business hours Monday-Friday 35 hours/week (not including mandatory unpaid meal break after 6 hours of work). Duration: 6 Years Pay Rate: $65-$70 per hour Scope of Services: The Contractor/cybersecurity analyst would perform a variety of services, both in-person at NYC Health Department locations and, if needed, remotely, including but not limited to: Location: These analysts are needed for assistance with designing secure cloud infrastructure and managing standard cybersecurity review, response, and maintenance for the networks and software solutions currently being installed at the new Public Health Laboratory (PHL) facility currently undergoing construction in the Harlem neighborhood and at all NYC Health Department locations. • Identifying and mitigating complex IT technical threats to computer systems, networks, and data. • Using technical IT tools and IT software to monitor, analyze, and defend against cyberattacks. • Monitoring and analyzing network traffic, configuring firewalls, intrusion detection/prevention systems and conducting vulnerability assessments. • Managing and protecting endpoints such as desktops, laptops, servers, and mobile devices from malware, ransomware, and other threats. • Investigating security incidents, identifying root causes, and implementing corrective actions to prevent future occurrences. • Utilizing SIEM tools to collect, correlate and analyze security event data for threat detection and responses. • Monitoring and analyzing emerging threats, vulnerabilities, and attack vectors to proactively defend against cyber threats. • Performing Penetration testing. • Keeping abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management. • Advising the agency on any changes requested by third parties to security and privacy provisions of agreements or contracts. • Collaborating with IT project management and operational teams to design secure cloud infrastructure plans and services. Performing analysis on the security of all cloud services, including but not limited to: AWS, Microsoft Azure, Google, etc. • Providing subject matter expertise on cloud security, automation, and virtualization. • Developing, documenting, and validating policies, processes, and procedures relating to a variety of cloud concepts and standards. • Developing cloud security metrics to analyze risks and identify potential opportunities to reduce vulnerabilities. • Collaborating with all parties and the city's Cyber Command Center to obtain cloud solution dispositions and update agency inventory lists. Experience and Organizational Capability: The contractor/cybersecurity analyst would have the following credentials, organizational capability, and/or experience:
- A bachelor's degree in information technology or Computer Science.
- An industry recognized certification within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
- A minimum of three (3) years of experience working in an IT or computer-related field. Greater consideration will be given to contractors with greater than 5 years of experience.
- A minimum of three (3) years of hands-on technical experience in cloud administration.
- At least 1 year of experience:
with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF). In an Information & Network Security occupation preferred.