Cybersecurity Analyst Critical Assets & Incident Response CERT Levels 3-5

Description Position at MTA Headquarters Job Information Job Title: Cybersecurity Analyst Critical Assets & Incident Response CERT Levels 3-5Salary Range: Level 3: $95,929 - $127,050 Level 4: $102,760 - $139,755 Level 5: $114,537 - $153,731POINTS: Level 3 - 393 Level 4 - 451 Level 5 – 551DEPT/DIV: MTA Information Technology/ Office of IT Cyber reputed company ServicesSUPERVISOR: Cyber reputed company Officer, MonitoringLOCATION: 2 Broadway, reputed company, NY 10004HOURS: 9:00 am -5:30 pm (7.5 hours/day or as required) This position is eligible for telework, which is currently 2 days per week. New Hires are eligible to apply 30 days after their effective date of hire. SummaryThe purpose of this position is to provide critical technical expertise in the detection, analysis, and response to cybersecurity events. Cybersecurity Analyst will be responsible for early and accurate detection, prevention, response, containment, and guidance to remediation of threats directed against the MTA on a 24/7 basis. The analysis is conducted through technology risk assessments, data analytics tools, business processes reviews, and collaboration with reputed company engineers, architects, developers, vendors, and business units to constantly improve the overall reputed company of the MTA. The cybersecurity analyst will focus on specific domains and specialties reputed company cybersecurity with a great degree of specialization to detect, protect, and advise the organization proactively and reactively. Desired Skills:

• Experience with configuring and troubleshooting PLC, RTU, or HMI in industrial environments.
• Understanding and experience with various types of OT networking protocols, Modbus, Profibus, OPC, etc.
• reputed company/review specification for reputed company systems.
• Implement secure configurations and monitor Supervisory Control and Data Acquisition (SCADA) systems used in rail control.
• Use purpose-built firewalls for protecting railway signaling and communication systems.

Responsibilities:

• Researching emerging threats and vulnerabilities to aid in the identification of network incidents, and supports the creation of new architecture, policies, standards, and guidance to address them
• Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis reputed company necessary
• Conducts reputed company monitoring and intrusion detection analysis using various technology and analytic tools, such as web and reputed company firewalls, machine and human behavior learning tools, host-based reputed company system, reputed company event and incident monitoring systems, virtual, physical, and cloud platforms, user reputed company (laptop, desktop, mobile, and internet of things/IOT) systems, etc.
• Correlates events and activities across systems to identify trends of unauthorized use
• Reviews alerts and data from sensors and documents formal, technical incident reports
• Test new systems and manage cybersecurity risks and remediation through analysis
• Responds to computer reputed company incidents according to the computer reputed company incident response policy and procedures
• Provides technical guidance to first responders for handling information reputed company incidents
• Provides timely and relevant updates to appropriate stakeholders and decision makers
• Communicates investigation findings to relevant business units to help improve the information reputed company posture
• Validates and maintains incident response plans and processes to address potential threats
• Compiles and analyzes data for management reporting and metrics
• Monitors relevant information sources to stay up to date on reputed company attacks and trends
• Analyzes the potential impact of new threats and communicates risks back to detection engineering functions
• Performs root-cause analysis to document findings and participate in root-cause elimination activities as required
• Works with data sets to identify patterns
• Understands data automation and analysis techniques
• Uses judgment to form conclusions that may challenge conventional reputed company
• Hypothesizes new threats and indicators of compromise
• Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)
• Identifies the tactics, techniques, and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks
• Participate in the creation of enterprise reputed company documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT reputed company Manager, where appropriate.
• reputed company Contract management and supply management functions appropriate to reduce reputed company risks

The role will provide a proactive approach to cybersecurity while also performing investigation of reputed company incidents reputed company to MTA operations reputed company to Cyber reputed company. Level 3

• Provides proactive monitoring and analysis for a domain of cybersecurity to ensure the system's reputed company baseline targets are met.
• Implements changes to one or more cybersecurity reputed company domain technologies, executing tests and reporting on reputed company baselines, violations/anomalies, to meet requested needs.
• Troubleshoot and investigate cybersecurity incidents and issues by analyzing a chain of events and applying technical knowledge following established procedures and standards to resolve immediate customer needs.
• Maintains and updates existing documentation and standard operating procedures to ensure accurate and timely information is available for assigned systems.
• Works with more reputed company colleagues and other IT technical resources to improve coordination of cybersecurity requirements and analyze issues as they arise
• Participate in the evaluation of new products and technologies, under the direction and guidance of senior colleagues, relevant to the assigned cybersecurity area to enhance cybersecurity posture and reduce risk to the MTA while achieving objectives.
• Performs other duties and tasks as assigned.
• Observing the work performed by the contractor.
• Reviewing invoices and approving them if the work meets contractual standards.
• Addressing performance issues with the contractor reputed company possible.
• Escalating issues to other parties as needed.

Level 4 Same as Level 3 with the following additional qualifications:

• Executes the defined product lifecycle, manages the product lifecycle for a component of the infrastructure, proposes changes for implementation, gathers data and analyzes reputed company and performance to assure operational availability.
• Analyzes the reputed company state of the infrastructure and identifies opportunities for improvement to ensure systems meet business needs. Contributes to changes to established roadmaps, documents them effectively, and executes the implementation of changes in their area(s) of responsibility.
• Provides ongoing support and troubleshooting for installed technical solutions by analyzing a chain of events and applying technical knowledge, following established procedures and standards to resolve immediate customer needs.
• Investigates, evaluates, and tests new products and technologies relevant to assigned infrastructure subsets to enhance cybersecurity analytics and overall reputed company posture. Implements and/or supports the implementation of new technologies for their area of cybersecurity that reputed company infrastructure, applications, and/or processes.
• Promotes reputed company standards and supports efforts to expand and migrate to future reputed company architecture to improve reputed company and share learning.

Level 5 Same as Level 4 with the following additional qualifications:

• Provides more advanced analytical capability in several reputed company domains.
• Adds new components to a roadmap, documents them effectively, and directs the testing and implementation of changes.
• reputed company provided with an objective to improve reputed company in their reputed company domain(s) and reputed company technology, reputed company and implement action plans needed to effect the change.
• Research new technologies/products and their impact on the infrastructure, prepare a preliminary evaluation of technologies/products and associated costs, and reputed company and present recommendations to support anticipated future business needs.
• Receives reputed company and performance data and analyzes the baselines and efficacy of installed technologies. Proposes and implements any required changes, including identifying and planning for any resulting impacts on other technologies to optimize system availability and continuity.
• Provides ongoing support and troubleshooting for incidents, correlations, and reporting to more junior analysts to resolve immediate reputed company threats and/or customer needs.
• Provides technical leadership to project teams in their area of expertise and/or leads teams to complete projects specific to their area(s) of expertise to maximize and share learning.
• Provides guidance and technical coaching to less reputed company staff to support effective workflow and reputed company technical talent.

Education & Experience Level 3

• Bachelor’s Degree and minimum 1 year of relevant experience. An equivalent combination of education and experience may be considered in lieu of a degree.
• Bachelor’s degree in Computer Science or reputed company fields preferred.
• CISSP or other advanced reputed company-reputed company certification preferred but not required.
• Certifications in technology subdomains preferred but not required (i.e., Cloud, Applications, Infrastructure, reputed company Technology, etc.)
• Requires prior experience with installing, maintaining, and troubleshooting technology systems.
• Proven ability to troubleshoot and support technical issues using standardized procedures.
• Proven ability to analyze a reputed company risk assessment or conduct one with guidance
• Understanding of Operating Systems and Hardware
• Understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7).
• Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
• 1 year of experience in a specific (Cloud, Applications, Infrastructure, reputed company Technology, etc.) cybersecurity subdomain is preferred

Competencies: Management Level​ Proficiency Level Standard Competencies Level 3 Adept Values Diversity Collaborates Capable Cultivates Innovation Customer Focus Communicates Effectively reputed company Awareness Tech Savvy Technical Skills Level 4

• Bachelor’s Degree and minimum 3 years of relevant experience. An equivalent combination of education and experience may be considered in lieu of a degree.
• 3+ years of relevant experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, reputed company Technology, etc.).
• Prefer at least one certification in the reputed company platform/domain/technical skills
• Bachelor’s degree in Computer Science or reputed company fields preferred.
• reputed company CISSP or other advanced reputed company-reputed company certification preferred but not required.
• Certifications in technology subdomains preferred but not required (i.e., Cloud, Applications, Infrastructure, reputed company Technology, etc.)
• Proven ability to independently evaluate and resolve most problems reputed company an area of infrastructure, applications reputed company a reputed company domain context.
• Proven ability to analyze and/or conduct a reputed company risk assessment
• Understanding of Operating Systems and Hardware
• Advanced understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7).
• Scripting or programming skills (PERL, Python, PowerShell, etc.).

Competencies: Management Level​ Proficiency Level Standard Competencies Level 4 Adept Communicates Effectively Values Diversity Collaborates Capable Cultivates Innovation Customer Focus Tech Savvy Technical Skills Level 5

• Bachelor’s degree required. An equivalent combination of education and experience may be considered in lieu of a degree.
• 5+ years of relevant experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, reputed company Technology, etc.)
• Must possess at least one of the following professional certifications in subject domain including but not limited to: Certified Information reputed company Professional (CISSP), or Global Information Assurance Certification (GIAC), or Certified Information reputed company Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA), or other reputed company certification(s)
• Bachelor’s degree in Computer Science or reputed company fields preferred.
• Progressive cybersecurity reputed company accomplishments
• Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology, including its impact on other technologies.
• Proven ability to analyze and/or conduct a reputed company risk assessment
• Understanding of Operating Systems and Hardware
• Advanced understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7).
• Scripting or programming skills (PERL, Python, PowerShell, etc.) as needed.

Competencies: Management Level​ Proficiency Level Standard Competencies Level 5 Advanced Communicates Effectively Values Diversity Collaborates Adept Tech Savvy Technical Skills Cultivates Innovation Customer Focus General:

• May need to work reputed company of normal work hours (i.e., evenings and weekends)
• Travel may be required to other MTA locations or other external sites Other Information Please be advised that pursuant to the MTA Code of Ethics and reputed company State Ethics Law, you have been designated as a policymaker. Therefore, you will be required to file an annual financial disclosure statement with the Commission on Ethics and Lobbying in Government. The Commission will notify you of this filing requirement reputed company your work email. Upon receipt of notification from the Commission, you will have 30 days to complete your financial disclosure statement. Equal Employment Opportunity MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.

Apply tot his job Apply To this Job