Job Title: Senior Threat Analyst 1 (Nights/Weekends)

Location: Onsite at 11 MetroTech Center, 5th Floor, Brooklyn, NY 11201

Rate: $70/Hour

Night SOC Analyst Hours: Typically, 6:00 PM-6:00 AM. Will include weekend shifts.

SCOPE OF SERVICES TASKS:

• Perform many critical functions within the Threat Management discipline including staffing 24x7x365 coverage at the City’s Security Operations Center (SOC) augmenting FTE shift schedules including days, nights, weekends, and holidays.

• Interface with OTI Cyber Command teams internally, with City agencies, vendors, and information-sharing partners.

• Monitor City networks and security alerts for intrusion, attempted compromise, and anomalous behavior; apply mitigation techniques or escalation factors; correlate threat intelligence across various logs collected by established security controls.

• Produce routine SOC metrics & reporting.

• Maintain situation reports (SITREPS) • Perform weekly quality control checks.

• Works closely with SOC Director on incident preparation including the continuous development of new SOC playbooks and runbooks.

MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered

Minimum 8 years of experience in Threat Management/SOC/Incident Response environment.

• For a senior position, leadership this includes the ability to lead and mentor junior analysts, coordinate team activities, and manage SOC operations effectively.

• Prior experience working in a SOC environment is mandatory. This includes familiarity with SOC operations, procedures, and tools such as SIEM (Security Information and Event Management) systems, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) tools.

DESIRABLE SKILLS/EXPERIENCE:

• Knowledge of cybersecurity principles, practices, and procedures

• Strong understanding of network and host technologies

• Experience applying techniques for detecting host and network-based intrusion using IDS methods and technologies.

• Experience with SIEM technologies, malware analysis and mitigation techniques

• Apply cybersecurity and privacy principles to organizational requirements (confidentiality, integrity, availability, authentication, non-repudiation)

• Interpret information collected by diagnostic network tools (Netflow, security event logs, IDS systems, etc.)

• Ability to investigate and solve complex problems.

• Excellent communication skills are crucial for effectively communicating security incidents, risks, and recommendations to technical and non-technical stakeholders, including SOC Director and senior management.

• Threat Hunting: Proactive threat hunting capabilities to identify and investigate potential security threats or anomalies within the environment before they escalate into incidents.

• Incident Response: Experience in incident response procedures and methodologies, including the ability to analyze security incidents, contain threats, mitigate risks, and recover from security breaches effectively and efficiently.

SPECIAL REQUIREMENTS: ***Candidate must be willing to work days, nights and/or weekends depending on coverage or critical incident response needs***