Incident Response Analyst, Office of Chief Information Officer

The Office of Information Security (OIS) leads the implementation of an integrated, modern, framework-based security program across the Department of Health and Mental Hygiene to preserve the integrity of agency services and protect sensitive business data from current and emerging cyber threats, and to preserve the reputation of the agency and its ability to protect and promote the health of all New Yorkers. The Cyber Incident Response team provide detection and response to cybersecurity events, events of interest, and incidents for DOHMH. It also collects forensic user evidence requested by legal and investigative entities. DUTIES WILL INCLUDE BUT NOT BE LIMITED TO: -Automate processes leveraging scripts (Python, batch, etc.). Run reports to gather data from SQL databases (SQL). Run penetration testing tools (AppScan). - Responsible for vulnerability management. - Knowledge of SOAR responses and their implementation. - Create SIEM dashboards to help visualize data and events. - Set the program strategy and develop approaches to integrate automation/orchestration services into existing and future processes that will support the verticals within Threat Management. - Perform technical and forensic investigations. - Analyze system services, operating systems, networks, and applications to address possible cyber-attacks. Remain current on cybersecurity trends and intelligence to enhance the security analysis and the identification capabilities for the IR Team. Respond and resolve basic operational technical Incidents and Requests. - Summarize events/incidents effectively to different constituencies such as legal counsel, executive management, and technical staff, both in written and verbal forms. - On-call availability as needed/required. Schedules may include several days per month, after hours and weekend support. PREFERRED SKILLS: - Self-starter, detail-oriented, reliable and accountable- Excellent organizational, time-management and multi-tasking skills, including the ability to take initiative, prioritize duties, and work both independently and within a team- Applicant should be able to work with little or no supervision- Familiarity with SIEM and creation of relevant dashboards- Knowledge of cyber security tools and protocols- Knowledge of Windows and Linux operating systems- Knowledge of security best practices- Knowledge of Windows desktop/server environments, Azure and Microsoft O- Excellent written and verbal communication skills- Knowledgeable of penetration/vulnerability assessment methodologies and the cyber kill chain- Familiarity with cyber threat intelligence and MITRE's ATT&CK framework- Knowledgeable of cyber incident handling and response processes- Familiarity of vulnerability management and remediation- Experienced in integrated cybersecurity assessment frameworks and lifecycles.Why you should work for us: - Benefits: City employees are entitled to unmatched benefits such as:o a premium-free health insurance plan that saves employees over $10K annually, per a assessment. o additional health, fitness, and financial benefits may be available based on the position’s associated union/benefit fund. o a public sector defined benefit pension plan with steady monthly payments in retirement.o a tax-deferred savings program ando a robust Worksite Wellness Program that offers resources and opportunities to keep you healthy while serving New Yorkers.- Work From Home Policy: Depending on your position, you may be able to work up to two days during the week from home. - Job Security - you could enjoy more job security compared to private sector employment and be able to contribute to making NYC a healthy place to live and work. Established in , the New York City Department of Health and Mental Hygiene (NYC Health Department) is the oldest and largest health department in the U.S., dedicated to protecting and improving the health of NYC. Our mission is to safeguard the health of every resident and cultivate a city where everyone, regardless of age, background, or location, can achieve their optimal health. We provide a wide array of programs and services focused on food and nutrition, anti-tobacco support, chronic disease prevention, HIV/AIDS treatment, family and child health, environmental health, mental health, and social justice initiatives. As the primary population health strategist and policy authority for NYC, with a rich history of public health initiatives and scientific advancements, from addressing the yellow fever outbreak to the COVID-19 pandemic, we serve as a global leader in public health innovation and expertise. Come join us and help to continue our efforts in making a difference in the lives of all New Yorkers The NYC Health Department is an inclusive equal opportunity employer committed to providing access and reasonable accommodation to all individuals. To request reasonable accommodation to participate in the job application or interview process, contact Sye-Eun Ahn, Director of the Office of Equal Employment Opportunity, at or --.CYBER SECURITY ANALYST - Minimum Qualifications1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty semester credits from an accredited college is equated to one year of experience. In addition, twenty-four credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.55a ProgramThis position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.Residency RequirementNew York City residency is not required for this title.