- Job Description
Position Summary: The Cyber Security Specialist is responsible for the design, build, security accreditation, and deployment of cyber security network and host intrusion and protection solutions. This position works closely with the Information Security and Information Technology staff to install and configure cyber security products to defend, monitor, alert, and respond to cyber security events. The Cyber Security Specialist duties will include assessments of the NYCDOE network and applications, investigations into Advanced Persistent Threats (APTs), and producing white papers, presentations, recommendations, and findings for senior management. Performs related work.
Reports to: Director of Security Engineering
Direct Reports: N/A
Key Relationships: Works collaboratively within the areas of Information Technology (IT), Information Security, Office of Legal Services (OLS), Internal Business Units, Office of Special Investigations (OSI), New York Police Department (NYPD), Federal Bureau of Investigation (FBI), Department of Information Technology and Telecommunications (DoITT), and any vendors with whom the Department of Education (DOE) does business.
- Provides operations and engineering support for critical security systems and services, including identity management, intrusion detection/prevention, data leakage prevention, content filtering, firewall compliance, vulnerability, and security event management.
- Defines, manages, and monitors security devices, including procedures for detecting, reporting, and responding to computer security incidents.
- Operates host-based and network-based security systems, firewalls, intrusion prevention systems, intrusion detection systems, other point of presence security tools, virtual private networks, and related security operations.
- Develops and executes security policies, plans, and procedures; designs and implements data network security measures; operates security systems and forensics; conducts performance analysis of information systems security incidents; develops Business Continuity/Disaster Recovery (DR) plans; and supports certification of information systems and networks.
- Participates in or leads a team in planning, designing, implementing, and maintaining highly secure application architecture solutions that include network devices, servers, storage, applications, and virtualization technologies.
- Ensures that products and systems comply with NYCDOE security requirements and Division of Information Technology and Telecommunications (DoITT) security accreditation, information assurance, and cyber security standards and practices through formal verification methods.
- Participates in information security design; implementation of enterprise security solutions and/or management of incident response team or technology such as Security Information and Event Monitoring (SIEM), Data Loss Prevention (DLP), or Intrusion Detection/Prevention Systems (IDS/IPS).
- Participates in design reviews of hardware, software, and applications to ensure that systems will meet NYCDOE and DoITT security requirements.
- Prepares assessments and cyber threat profiles of current and planned products, based on sophisticated testing, research, and analysis.
- Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures, focused on the threat to information networks.
- Reviews and analyzes design and/or accreditation documentation to ensure that appropriate security controls are in place.
- Performs security assessments of systems, applications, and networking infrastructure.
- Collaborates with various Information Technology staff members on a routine basis for purposes of reviewing and providing recommendations for information security, such as patch reports, network design, change management, and other projects as assigned.
- Conducts design assistance, research, and evaluation of the technical performance of new software products and overall segments and systems.
- Implements and monitors security measures for communication systems and networks, and advises personnel to adhere to established security standards and agency requirements for these systems.
- Deploys and manages applied IT security technologies and tools such as intrusion detection/prevention systems, network access control, two-factor authentication, centralized endpoint protection, and other tools/technologies.
- Oversees multiple projects and may supervise employees.
- A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or
- Education and/or experience which is equivalent to “1” above.
- Experience communicating conceptual and technical information effectively through written and verbal means to peers and senior leadership.
- Background in using statistical data analysis for management reporting.
- In-depth knowledge of application, data, and network security.
- Experience with host and network security technologies such as firewalls, proxies, threat intelligence, and secure web gateways.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
- Understanding of routing protocols such as BGP, OSPF, HSRP, VRRP, and network-based ACLs in addition to switching protocols such as 802.1D, 802.1Q, 802.1ad, QinQ, STP, and MSTP.
- Demonstrable competency in protocol standards such as IPv4, IPv6, Mobile IP, 802.11b/g, GRE, ARP, and IPsec.
- Knowledge of network traffic analysis methods down to the packet level using network monitoring protocols and tools such as SNMP, RMON, Wireshark, tcpdump, WinDump, Cacti, Nfdump, and Nfsen.
- Knowledge of network management protocols and tools such as SNMP, LDAP, and AAA.
- Experience performing threat assessments, penetration testing, and vulnerability analysis.
- Experience with various protocols, such as Function Programming (FP), the Domain Name System (DNS), Secure Shell (SSH), Remote Desktop Protocol (RDP), antivirus, proxies, and network protocols, including Transmission Control Protocol/Internet Protocol (TCP/IP), Simple Mail Transfer Protocol (SMTP), Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol Secure (HTTPS), and File Transfer Protocol (FTP).
- Hands-on experience with cyber security tools such as NeXpose, Nessus, Symantec Endpoint Protection, Cisco FirePower, and CrowdStrike.
- Hands-on experience with data correlation and analytics tools such as Splunk, Power BI, Tableau, or other business intelligence tools.
- Scripting using Bash, Chef, Puppet, or Windows PowerShell.
- CISSP, CISM, or GIAC certification.
- Internal candidates preferred.
(Internal candidates who are selected for this position and who currently hold comparable or less senior positions within the DOE will not make less than their current salary.)
Please include a resume and cover letter with your application.
Applications will be accepted through September 20, 2017, until 3:00 p.m.
NOTE: The filling of all positions is subject to budget availability.
AN EQUAL OPPORTUNITY EMPLOYER
It is the policy of the Department of Education of the City of New York to provide educational and employment opportunities without regard to race, color, religion, creed, ethnicity, national origin, alienage, citizenship status, age, marital status, partnership status, disability, sexual orientation, gender (sex), military status, prior record of arrest or conviction (except as permitted by law), predisposing genetic characteristics, or status as a victim of domestic violence, sexual offenses and stalking, and to maintain an environment free of harassment on any of the above-noted grounds, including sexual harassment or retaliation. Inquiries regarding compliance with this equal opportunity policy may be directed to: Office of Equal Opportunity, 65 Court Street, Room 1102, Brooklyn, New York 11201, or visit the OEO website at http://schools.nyc.gov/OEO
- Job Location
- Brooklyn, New York, United States
- Position Type