New York Seasonal Jobs

Cybersecurity Analyst Level 1-7 (Stealth watch/Network Security)

Job ID: 104427

Business Unit: MTA Headquarters

Location: New York, NY, United States

Regular/Temporary:

Department: IT Cyber Security

Date Posted: May 4, 2023

Description

Job Title: Cybersecurity Analyst, Network Analytics Levels 1-7

Salary Range: Level 1: $82,857 - $105,000

Level 2: $87,685 - $115,500 Level 3: $95,929 - $127,050 Level 4: $102,760 - $139,755 Level 5: $114,537 - $153,731 Level 6: $124,311 - $169,104 Level 7: $140,917 - $186,014

POINTS: Level 1 - 282

Level 2 - 323 Level 3 - 393 Level 4 - 451 Level 5 – 551 Level 6 – 634 Level 7 – 775

DEPT/DIV: MTA Information Technology/ Office of IT Cyber Security Services

SUPERVISOR: Cyber Security Officer, Monitoring

LOCATION: 2 Broadway, New York, NY 10004

HOURS OF WORK: 12:00am – 8:30am (7.5hours/day)

8:00am – 4:30pm (7.5hours/day) 3:30pm – 12:00am (7.5hours/day)

This position is eligible for telework which is currently 2 days per week. New Hires are eligible to apply 30 days after their effective date of hire.

The purpose of this position is to provide critical technical expertise in the detection, analysis, and response to cybersecurity events primarily network attack vector alerts generated by network analytics tools such as Cisco Stealthwatch.. Cybersecurity Analyst will be responsible for early and accurate detection, prevention response, containment, and guidance to remediation of threats directed against the MTA on a 24/7 basis. The analysis is conducted through technology risk assessments, data analytics tools, business processes reviews and collaborate with security engineers, architects, developers, vendors, business units to constantly improve the overall security of the MTA. The cybersecurity analyst will focus on specific domains and specialties within cybersecurity with a great degree of specialty to detect, protect and advise the organization proactively and reactively.

Level 1

• Understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.

• Understanding of Operating Systems

• Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed

  Level 2

  Same as Level 1 with the following additional qualifications

• Proven ability to troubleshoot and support technical issues.

• Proven ability to analyze a security risk assessment

• Understanding of Operating Systems

• Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.

  Level 3

  Same as Level 2 with the following additional qualifications

• Requires prior experience with installing, maintaining and troubleshooting technology systems.

• Proven ability to troubleshoot and support technical issues using standardized procedures.

• Proven ability to analyze a security risk assessment or conduct one with guidance

• Understanding of Operating Systems and Hardware

• Understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.

  Level 4

  Same as Level 3 with the following additional qualifications

• Proven ability to independently evaluate and resolve most problems within an area of infrastructure, applications within a security domain context.

• Proven ability to analyze and/or conduct a security risk assessment

• Advanced understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.

• Scripting or programming skills (PERL, Python, PowerShell, etc.).

  Level 5

  Same as Level 4 with the following additional qualifications

• Progressive cybersecurity related accomplishments

• Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology including its impact on other technologies.

Level 6

Same as Level 5 with the following additional qualifications

• Verifiable implementation of security domain controls for enterprise technologies

• Requires seasoned expertise in multiple technologies and strong understanding of the current and future technology architecture, including the inter-operability of technologies.

• Advanced ability to conduct and analyze a security risk assessment

• Expert understanding of TCP/IP (OSI Layers 1– 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.

  Level 7

  Same as Level 6 with the following additional qualifications

• Significant practical expertise in cybersecurity related disciplines.

• Requires proven track record of successful implementation of architectural designs.

• Expert ability to conduct and analyze a security risk assessment

• Advanced understanding of Operating Systems and Hardware

  Level 1

• Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

• Basic knowledge and familiarity with monitoring, installing, maintaining and/or troubleshooting cybersecurity related issues associated with applications and/or infrastructure systems

  Level 2

• Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree and 2+ years of relevant experience, or a bachelor’s degree in Computer Science or related fields.

• Basic knowledge and familiarity with installing, maintaining and troubleshooting technology systems.

• 6 months of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity domain is preferred

  Level 3

• Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

• CISSP or other advanced security-related certification preferred but not required.

• Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)

• 2+ years of relevant experience.

• 1 year of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity subdomain is preferred

  Level 4

• Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

• 3+ years of relevant experience or 18 months of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).

• Current CISSP or other advanced security-related certification preferred but not required.

• Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)

  Level 5

• Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

  5+ years of relevant experience or 2.5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)

  Current CISSP or other advanced security-related certification preferred

  Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).

  Level 6

• Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

• 8+ years of relevant experience or 4 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).

• CISSP or other advanced security-related certification preferred

• Certifications in technology subdomains preferred (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).

  Level 7

• Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

• 10+ years of relevant technology based or cybersecurity experience or 5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).

• CISSP and other advanced security-related certification preferred.

• Certifications in technology subdomains preferred (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).

  As an employee of MTA Headquarters, you may be required to complete an annual financial disclosure statement with the State of New York, if your position earns more than $108,632 (this figure is subject to change) per year or if the position is designated as a policy maker.

  MTA employees must apply via My MTA Portal (http://www.mymta.info/) . You can submit an online application by logging into My MTA Portal, clicking the My Job Search ribbon, and selecting the “Careers” link.

  Logging in through My MTA Portal will link your BSC ID number to your job application to identify you as an internal applicant.

  MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.

  The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.