IT Security Specialist - Manhattan, United States - NYC Careers
Description
IT Security Specialist
- Vulnerability Management & Remediation
- Apply
IT Security Specialist
- Vulnerability Management & Remediation:
- Agency: POLICE DEPARTMENT
- Posted on: 05/11/2024
- Job type: Fulltime
MANHATTAN
- Title Classification: No exam required
INFO TECHNOLOGY BUREAU/CV
- Salary range: $75, $180,000.
00JOB DESCRIPTION:
The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law, preserve peace, protect the people, reduce fear, and maintain order.
The NYPD strives to foster a safe and fair city by incorporating Neighborhood Policing into all facets of Department operations, and solve the problems that create crime and disorder through an interdependent relationship between the people and its police, and by pioneering strategic innovation.
The Information Security team within ITB is a highly specialized group of cyber security professionals tasked to oversee the defense and response of cyber security incidents within NYPD.
The Information Security Office seeks an IT Security Specialist who will be responsible for:
- Collaborate with IT and security operations to manage internal
- Conduct continuous discovery, vulnerability assessment and remediation status of enterprisewide assets.
- Prioritize vulnerability remediation based on criticality, exploit probability, rating and business risk exposure.
- Document, prioritize, recommend, validate and report on the state of vulnerabilities.
- Collaborate as a purple team with colleagues in offense, defense, operators, threat intelligence and risk management roles.
- Recommend tactical options to reduce attack surface, containment alternatives and impede attackers.
- Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.
- Remain current with emerging threats and share knowledge with colleagues to improve security posture.
- Maintain active database comprising thirdparty assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business.
- Define key performance indicators and metrics to illustrate efficacy with vulnerability management.
- Automate asset inventory and vulnerability discovery and reporting.
- Liaise with the security engineering team to improve monitoring and response workflow.
- Maintain documentation related to vulnerability policies and procedures.
- Serve as a point of contact for new and existing vulnerabilityrelated issues.
- Supervise testing and validation vulnerability remediation and controls.
- Assist with change management operations to ensure vulnerabilities are not introduced.
- Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed.
- Willingness to work nonstandard business hours to respond to and mitigate threats.
- Perform other duties as assigned.
Work Schedule:
Varies
Additional Information:
The Information Security (InfoSec) unit is a twenty-four hour, seven days a week operation.
Qualified applicants will be assigned to a steady platoon with either Friday and Saturday, Saturday and Sunday, or Sunday and Monday as regular days off (RDOs).
In compliance with Federal Law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
The City of New York offers a comprehensive benefits package including health insurance for the employee and his or her spouse or domestic partner and un-emancipated children under age 26, union benefits such as dental and vision coverage, paid annual leave and sick leave, paid holidays, a pension, and optional savings and pre-tax programs such as Deferred Compensation, IRA, and a flexible spending account.
Education and/or experience which is equivalent to "1" above.
Preferred Skills- Applicants should have several years of cyber security experience with a specialization in vulnerability management, and an applicable knowledge of CVEs, CVSS, MITRE ATT&CK framework, and profieciecy with commercial and open source vulnerability management tools.
- Familiarity with adm
More jobs from NYC Careers
-
Legal Staff Associate
New York, United States - 2 weeks ago
-
Permit Coordinator
Queens, United States - 6 days ago
-
Agency Attorney L1
Manhattan, United States - 1 week ago
-
Deputy Manager
Manhattan, United States - 1 day ago
-
Clerk (Officewide)
Brooklyn, United States - 1 week ago
-
Program Coordinator
Manhattan, United States - 15 hours ago