Internet Storm Center

Job Description

Job Description
Computer Emergency Response Team (CERT) Specialists serve the City of New York as a senior-level cybersecurity advisor and practitioner, whose expertise will guide the development, enhancement, and deployment of City-wide incident response policies and procedures. This team is the escalation point for high-profile cybersecurity incidents impacting City agencies. The CERT team engages in malware analysis, digital forensics, and campaign assessments; and harmonizes response activities among OTI- Cyber Command, City departments, and state, federal, and private partners. Specialists work alongside internal teams such as, but not limited to, cyber threat intelligence, counter-threat automation, urban technology, and data science teams to innovate detection, investigation, response, and remediation methods and capabilities.

Responsibilities include:
• Assist NYC agencies in improving cyber incident response;
• Design and participate in cyber tabletop exercises with City departments to identify capability gaps, procedural weaknesses, and critical infrastructure;
• Design, build and enhance cyber-incident detection tools and capabilities;
• Work with cyber intelligence teams to identify new cyber threats and campaigns and proactively deploy countermeasures;
• Serve as the escalation point for high-profile cybersecurity incidents;
• Prioritize incident response activities and coordinate response efforts among City departments and external partners;
• Investigate cybersecurity incidents through log, file, and malware analysis;
• Perform memory, network, and disk forensics;
• Devise appropriate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents;
• Develop post-incident action plans to improve Mean Time to Recover/Restore;
• Maintain knowledge of current cyber threat campaigns and tradecraft;
• Participate in on-call rotation;
• Handle special projects and initiatives as assigned.