Cyber Security Analyst - PSI International
Somerset, NJ
About the Job
RCI-MWBE-81625Y0641 - Cyber Security Analyst - Long Island City, NY
Requirement Number: RCI-MWBE-81625Y0641
Job Title: Cyber Security Analyst
Client: NYC OTI
Location: 42-09 28th Street, 17th Fl, CN30A Long Island City, NY,11101
Hours: THIS POSITION WILL ALLOW 40.00 - HOURS PER WEEK. PLEASE DO NOT ASSUME THAT OVERTIME WILL BE ALLOWED.
Duration: 60 Months
Job Description:
Experience and Organizational Capability:
• A bachelor's degree in information technology or Computer Science.
• An industry recognized certification within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
• A minimum of three (3) years of experience working in an IT or computer-related field.
• Greater consideration will be given to contractors with greater than 5 years of experience.
• A minimum of three (3) years of hands-on technical experience in cloud administration.
• At least 1 year of experience: with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF).in an Information & Network Security occupation preferred.
• in a cybersecurity-related occupation preferred.
• A minimum of three (3) years of experience in:
• applying information security and privacy fundamentals.
• applying risk management frameworks such as NIST, FISMA, or ISO 27000.
• SSAE 16, SOC 2, Shared Assessments, FedRAMP, and other vendor risk assessment methodologies.
• Governance, Risk, and Compliance (GRC) and vendor risk management tools.
• Technical IT expertise in areas such as network IT protocols, IT operating systems, IT programming languages, encryption techniques, and intrusion detection systems to effectively analyze and respond to cybersecurity threats.
• Excellent oral and written communication, ability to convey technical and security related concepts to people at all levels of the organization.
• Proficiency in the design and implementation of effective information security controls with minimal oversight.
• Acute attention to detail with a high level of data integrity and accuracy.
• Strong organizational and prioritization skills to handle multiple priorities.
• Must be able to work both on-site and, if needed, remotely
Scope of Services:
• Identifying and mitigating complex IT technical threats to computer systems, networks, and data.
• Using technical IT tools and IT software to monitor, analyze, and defend against cyberattacks.
• Monitoring and analyzing network traffic, configuring firewalls, intrusion detection/prevention systems and conducting vulnerability assessments.
• Managing and protecting endpoints such as desktops, laptops, servers, and mobile devices from malware, ransomware, and other threats.
• Investigating security incidents, identifying root causes, and implementing corrective actions to prevent future occurrences.
• Utilizing SIEM tools to collect, correlate and analyze security event data for threat detection and responses.
• Monitoring and analyzing emerging threats, vulnerabilities, and attack vectors to proactively defend against cyber threats.
• Performing Penetration testing.
• Keeping abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management.
• Advising the agency on any changes requested by third parties to security and privacy provisions of agreements or contracts.
• Collaborating with IT project management and operational teams to design secure cloud infrastructure plans and services.
• Performing analysis on the security of all cloud services, including but not limited to: AWS, Microsoft Azure, Google, etc.
• Providing subject matter expertise on cloud security, automation, and virtualization.
• Developing, documenting, and validating policies, processes, and procedures relating to a variety of cloud concepts and standards.
• Developing cloud security metrics to analyze risks and identify potential opportunities to reduce vulnerabilities.
• Collaborating with all parties and the city's Cyber Command Center to obtain cloud solution dispositions and update agency inventory lists.
Requirement Number: RCI-MWBE-81625Y0641
Job Title: Cyber Security Analyst
Client: NYC OTI
Location: 42-09 28th Street, 17th Fl, CN30A Long Island City, NY,11101
Hours: THIS POSITION WILL ALLOW 40.00 - HOURS PER WEEK. PLEASE DO NOT ASSUME THAT OVERTIME WILL BE ALLOWED.
Duration: 60 Months
Job Description:
Experience and Organizational Capability:
• A bachelor's degree in information technology or Computer Science.
• An industry recognized certification within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
• A minimum of three (3) years of experience working in an IT or computer-related field.
• Greater consideration will be given to contractors with greater than 5 years of experience.
• A minimum of three (3) years of hands-on technical experience in cloud administration.
• At least 1 year of experience: with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF).in an Information & Network Security occupation preferred.
• in a cybersecurity-related occupation preferred.
• A minimum of three (3) years of experience in:
• applying information security and privacy fundamentals.
• applying risk management frameworks such as NIST, FISMA, or ISO 27000.
• SSAE 16, SOC 2, Shared Assessments, FedRAMP, and other vendor risk assessment methodologies.
• Governance, Risk, and Compliance (GRC) and vendor risk management tools.
• Technical IT expertise in areas such as network IT protocols, IT operating systems, IT programming languages, encryption techniques, and intrusion detection systems to effectively analyze and respond to cybersecurity threats.
• Excellent oral and written communication, ability to convey technical and security related concepts to people at all levels of the organization.
• Proficiency in the design and implementation of effective information security controls with minimal oversight.
• Acute attention to detail with a high level of data integrity and accuracy.
• Strong organizational and prioritization skills to handle multiple priorities.
• Must be able to work both on-site and, if needed, remotely
Scope of Services:
• Identifying and mitigating complex IT technical threats to computer systems, networks, and data.
• Using technical IT tools and IT software to monitor, analyze, and defend against cyberattacks.
• Monitoring and analyzing network traffic, configuring firewalls, intrusion detection/prevention systems and conducting vulnerability assessments.
• Managing and protecting endpoints such as desktops, laptops, servers, and mobile devices from malware, ransomware, and other threats.
• Investigating security incidents, identifying root causes, and implementing corrective actions to prevent future occurrences.
• Utilizing SIEM tools to collect, correlate and analyze security event data for threat detection and responses.
• Monitoring and analyzing emerging threats, vulnerabilities, and attack vectors to proactively defend against cyber threats.
• Performing Penetration testing.
• Keeping abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management.
• Advising the agency on any changes requested by third parties to security and privacy provisions of agreements or contracts.
• Collaborating with IT project management and operational teams to design secure cloud infrastructure plans and services.
• Performing analysis on the security of all cloud services, including but not limited to: AWS, Microsoft Azure, Google, etc.
• Providing subject matter expertise on cloud security, automation, and virtualization.
• Developing, documenting, and validating policies, processes, and procedures relating to a variety of cloud concepts and standards.
• Developing cloud security metrics to analyze risks and identify potential opportunities to reduce vulnerabilities.
• Collaborating with all parties and the city's Cyber Command Center to obtain cloud solution dispositions and update agency inventory lists.
Source : PSI International
