- Conducts security monitoring and intrusion detection analysis using various technology and analytic tools, such as web and next generation firewalls, machine and human behavior learning tools, host-based security system, security event and incident monitoring systems, virtual, physical, and cloud platforms, user endpoint (laptop, desktop, mobile, and internet of things (IOT)) systems, etc.
- Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
- Performs threat hunting searches across a variety of technologies that are on-prem, cloud-based, and hybrid.
- Identifies the tactics, techniques, and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks.
- Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
- Provides more advanced analytical capability in several security domains.
- Adds new components to a roadmap, documents them effectively, and directs the testing and implementation of changes.
- When provided with an objective to improve security in their security domain(s) and related technology, develops and implements action plans needed to effect the change.
- Research new technologies/products and their impact on the infrastructure, prepares a preliminary evaluation of technologies/products and associated costs, and develops and presents recommendations to support anticipated future business needs.
- Receives security and performance data and analyzes the baselines and efficacy of installed technologies. Proposes and implements any required changes, including identifying and planning for any resulting impacts on other technologies to optimize system availability and continuity.
- Provides ongoing support and troubleshooting for incidents, correlations and reporting to more junior analysts to resolve immediate security threats and/or customer needs.
- Provides technical leadership to project teams in their area of expertise and/or leads teams to complete projects specific to their area(s) of expertise to maximize and share learning.
- Provides guidance and technical coaching to less experienced staff to support effective workflow and develop technical talent.
- Correlates events and activities across systems to identify trends of unauthorized use.
- Reviews alerts and data from sensors and documents formal, technical incident reports
- Responds to computer security incidents according to the computer security incident response policy and procedures.
- Provides technical guidance to first responders for handling information security incidents.
- Provides timely and relevant updates to appropriate stakeholders and decision makers.
- Validates and maintains incident response plans and processes to address potential threats.
- Compiles and analyzes data for management reporting and metrics.
- Works with data sets to identify patterns.
- Understands security orchestration, automation and analysis techniques.
- Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)
- Perform Contract management and supply management functions appropriate to reduce security risks.
- May mentor less experienced staff.
- Performs other duties and tasks as assigned.
- Responsible for financial/budgeting/vendor/contract planning and management.
- May need to work outside of normal work hours supporting 24/7 operations (i.e., evenings and weekends).
- Travel may be required to other MTA locations or other external sites.
- Observing the work performed by the contractor.
- Reviewing invoices and approving them if the work has contractual standards.
- Addressing performance issues with the contractor when possible.
- Escalating issues to other parties as needed.
- Education: bachelor's degree
- Experience: At least 5 years of relevant experience. An equivalent combination of education and experience may be considered in lieu of a degree.
- Must possess at least one of the following professional certifications in subject domain including but not limited to: Certified Information Security Professional (CISSP), or Global Information Assurance Certification (GIAC), or Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA), or other related certification(s).
- Must possess an expert/highly proficient in deep understanding of technology and cybersecurity domain principles within the context of Operational Technologies, Signaling Systems and Rolling Stock.
- Expert/Highly Proficient, with the intelligence lifecycle including Direction, Collection, Processing, Analysis, Dissemination, and Feedback
- Expert/Highly Proficient, developing countermeasures for a variety of systems including SIEM, Endpoint Security, Network Defenses, WAF, etc.
- Expert/Highly Proficient, system integrations and automation pertaining to intelligence requirements
- Expert/Highly Proficient proven ability to manage projects and initiatives
- Expert/Highly Proficient ability to fit in with the constant shifting needs and demands of the business Departments.
- Must possess active listening, attention to detail, customer service, prioritization, and problem-solving skills.
- Ability to work independently and strategically.
- Demonstrated expertise in identifying and analyzing risks and developing effective mitigation strategies.
- Strong technical knowledge and diverse skillset to understand various technologies, systems, and potential risks.
- Excellent critical thinking, problem-solving, and decision-making skills.
- Strong interpersonal and verbal and written communication skills, with the ability to effectively collaborate with both technical and non-technical peers.
- Proven ability to manage multiple projects simultaneously and prioritize tasks based on urgency and impact.
- Extensive hands-on experience with related tools.
- Solid working knowledge of IT domains.
- Ability to work under pressure and meet deadlines individually and collaboratively. Think logically, assess problems, and be results-oriented.
- Ability to identify complex business and technology risks and associated vulnerabilities. Prioritize multiple tasks and switch between tasks quickly.
- Ability to communicate effectively, both orally and in writing, to interact with team members, customers, management, and support personnel (technical and non-technical).
- Ability to establish and maintain effective working relationships with employees at all levels within the organization, and with both internal and external customers.
- Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
- Cultivates Innovation: Creating new and better ways for the organization to be successful.
- Customer Focus: Building strong customer relationships and delivering customer-centric solutions.
- Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
- May need to work outside of normal work hours (i.e., evenings and weekends)
- Travel may be required to other MTA locations or other external sites
-
SOC Analyst
3 weeks ago
Shoolin INC Newark, United States**Role: SOC Analyst** · **Location: Newark, CA (5 days a week onsite)** · **Duration: Contract** · We are currently seeking an IT Security Analyst who will be monitoring computer networks for security issues. · This person will also investigate cyber security incidents as well as ...
-
SOC Analyst
2 weeks ago
Penguin Random House LLC New York, United States**We're seeking a talented SOC Analyst (3-5 years of experience) to join our growing team of cyber defenders** You'll be on the front lines, safeguarding our critical assets from ever-evolving threats. · **What you'll do**: · - Execute and enhance operational processes for contin ...
-
SOC Analyst
5 days ago
Wix New York, United StatesTriage, investigate, and escalate alerts as they occur in Wix environments. All analysts review all alert types - we don't want to silo you · - Monitor and analyze Security Information and Event Management (SIEM) to identify security issues for remediation · - Pull data from mult ...
-
Oneit - SOC Analyst
3 weeks ago
WSP New York, United StatesWSP is a global consulting firm assisting public and private clients to plan, develop, design, construct, operate and maintain thousands of critical infrastructure projects around the world. · **Position Summary** · Under the guidance of the Manager SOC Tools, contribute to a tea ...
-
SOC analyst
17 hours ago
Wix New York, United StatesCompany Description · Job Description · As SOC Analyst you will be the first responder to incoming requests on cyber security incidents. As a Security Operations Center Analyst you will: Triage, investigate, and escalate alerts as they occur in Wix environments. All analysts rev ...
-
SOC Analyst
3 weeks ago
P. Chappel Associates Inc New York, United StatesSOC ANALYST (Enterprise Transformation Consultant) – · This is a full-time, permanent position with our client, a growing cyber security professional services organization. Must be able to work in New York City a couple of days per week. · Required Skills / Experience · Experienc ...
-
SOC Analyst
4 weeks ago
ApTask New York, United StatesAbout Client: · The Client is a renowned multinational technology company which has grown to become one of the world's most influential and successful companies in the field of software development, computer hardware, and related services. · The Client's primary focus revolves a ...
-
SOC Analyst
2 weeks ago
2019 New York, United StatesWe're seeking a talented SOC Analyst (3-5 years of experience) to join our growing team of cyber defenders You'll be on the front lines, safeguarding our critical assets from ever-evolving threats. · What you'll do: · Execute and enhance operational processes for continuous monit ...
-
SOC Analyst
2 weeks ago
ApTask New York, United StatesAbout Client: · The Client is a renowned multinational technology company which has grown to become one of the world's most influential and successful companies in the field of software development, computer hardware, and related services. · The Client's primary focus revolves ar ...
-
Senior SOC Analyst
3 weeks ago
Emergent Professional Resources New York, United States**Only candidates currently residing in Houston, TX will be considered for this opportunity** · Our Financial Services Client is looking to add a · Senior Security (SOC) Analyst · to their team here in Houston, TX You will be responsible for leading and coordinating incident r ...
-
Senior SOC Analyst
2 weeks ago
Emergent Professional Resources New York, United States**Only candidates currently residing in Houston, TX will be considered for this opportunity** · Our · Specialty Insurance Client · is looking to add a · Senior Security (SOC) Analyst · to their team here in Houston, TX You will be responsible for leading and coordinating inc ...
-
SOC Senior Threat Analyst
1 week ago
Donnelly & Moore Corporation New York, United StatesOur Governement Client in Brooklyn, NY is looking for a SOC Senior Threat Analyst for a Night Shift role for 12+months: · Shift Schedule: Night shifts will typically occur between the hours of 6:00 PM and 6:00 AM. The night SOC analyst position will include weekend shifts. The po ...
-
Tier II SOC Analyst
3 weeks ago
CFONE, Inc. New York, United StatesWe are looking for a Tier II SOC Analyst to support the Security Operations Center and perform the duties outlined below. These responsibilities are crucial in maintaining an organization's cybersecurity posture and require a combination of technical skills, analytical thinking, ...
-
SOC Senior Threat Analyst
2 days ago
Ariel Partners New York, United StatesThis position is fully onsite · Note: Shift Schedule: Night shifts will typically occur between the hours of 6:00 PM and 6:00 AM. The night SOC analyst position will include weekend shifts. The position requires a total of 35 hours per week. · The Senior Threat Analyst position a ...
-
Senior Cybersecurity SOC Analyst
3 weeks ago
MTA, Inc. New York, United StatesSenior Cybersecurity SOC Analyst · Job ID: 7182 · Business Unit: MTA Headquarters · Location: New York, NY, United States · Regular/Temporary: Regular · Department: IT Cyber Security · Date Posted: May 10, 2024 · Description · JOB TITLE: Senior Cybersecurity SOC Analyst · SALARY ...
-
Senior Cybersecurity SOC Analyst
3 weeks ago
Metropolitan Transportation Authority New York, United StatesJob ID: 7182 · Business Unit: MTA Headquarters · Location: New York, NY, United States · Regular/Temporary: Regular · Department: IT Cyber Security · Date Posted: May 10, 2024 · Description · JOB TITLE: Senior Cybersecurity SOC Analyst · SALARY RANGE: $123,053 - $145,243 · H ...
-
SOC Senior Threat Analyst
2 weeks ago
NYC IT Inc New York, United StatesJob Description · Job Description · SPECIAL REQUIREMENTS: · ***Candidate must be willing to work days, nights and/or weekends depending on coverage or critical incident response needs** · SCOPE OF SERVICES · TASKS: · Perform many critical functions within the Threat Management ...
-
Senior Cybersecurity SOC Analyst
3 weeks ago
MTA, Inc. New York, United StatesSenior Cybersecurity SOC Analyst · Job ID: 7182 · Business Unit: MTA Headquarters · Location: New York, NY, United States · Regular/Temporary: Regular · Department: IT Cyber Security · Date Posted: May 1, 2024 · Description · JOB TITLE: Senior Cybersecurity SOC Analyst · SALARY R ...
-
Senior Cybersecurity SOC Analyst
3 weeks ago
MTA Headquarters New York, United StatesJOB TITLE: Senior Cybersecurity SOC Analyst · SALARY RANGE: $123,053 - $145,243 · HAY POINTS: 551 · DEPT/DIV: Information Technology / Cybersecurity · SUPERVISOR: Cybersecurity Director, IT Cyber Security · LOCATION: Various/ 2 Broadway New York, NY 10004 · HOURS OF WORK: 9 ...
-
Tier 2 SOC Analyst
3 weeks ago
Lynx Technology Partners Inc New York, United StatesJob Description · Company Overview: At Lynx Technology Partners, our mission is to enable organizations to demonstrate mature governance, risk, and compliance practices that integrate security considerations into the business decision-making process. We achieve this by securing ...
Senior Cybersecurity SOC Analyst - New York, United States - Metropolitan Transportation Authority
Description
Position at MTA Headquarters
JOB TITLE: Senior Cybersecurity SOC Analyst
SALARY RANGE: $123,053 - $145,243
HAY POINTS: 551
DEPT/DIV: Information Technology / Cybersecurity
SUPERVISOR: Cybersecurity Director, IT Cyber Security
LOCATION: Various/ 2 Broadway New York, NY 10004
HOURS OF WORK: 9:00 am - 5:30 pm (7.5 hours or as required)
This position is eligible for telework which is currently two day per week. New hires are eligible to apply 30 days after their effective date of hire.
About us:
The MTA transportation network has very large systems and infrastructure for financial, business, automated train, transportation, power, and physical security. The MTA IT Department is centrally responsible for providing a full range of Information and Operational Technology services to the MTA agencies and administrative units through its operating and support units. Services are provided on a 7/24/365 basis in support of the MTA organization and its ridership.
The MTA IT Cybersecurity organization, is responsible for identifying, developing, implementing, and integrating cybersecurity-related processes internal and third-party supplier organizations to reduce the operational risks, reputational risks and financial risks. The organization also has robust cybersecurity operations functions designed to protect the MTA in real-time on a 7/24/365 basis.
Summary of Job
This role plays a vital part in upholding the overall security stance of the MTA's Information Technology (IT)/ Operational Technology (OT) infrastructure by reviewing cybersecurity alerts and events that occur within the security stack on a continuous basis as part of a 7/24/365 security monitoring operation (SOC) identifying suspicious/anomalous activities, vulnerabilities and potential threats across various attack vectors, escalating incidents, and recommending or deploying mitigation tactics.
The main objective of a SOC analyst is to identify, analyze, and escalate alerts and events to safeguard the MTA's Information Technology (IT)/ Operational Technology (OT) critical infrastructure and sensitive information from potential cyber threats by cybercriminals or malicious insiders. Analysis is conducted through the utilization of multiple data analytics tools, such as SIEM, UEBA and Artificial Intelligence (AI)/Machine learning technologies, business processes reviews and collaborate with security engineers, architects, developers, vendors, business units to constantly improve the overall security posture of the MTA. The cybersecurity analyst will focus on specific domains and specialties within cybersecurity with a great degree of specialty to detect, protect and advise the organization proactively and reactively.
Responsibilities
Education and experience:
MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.
The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.