CERT Specialist

Role: CERT Specialist

Location: Brooklyn, NY

Duration: Long Term

Job Description:

Tasks:

• Salesforce Serve as the escalation point for high-profile cybersecurity incidents
• Engage in malware analysis, digital forensics, and campaign assessments; and harmonizes response activities in the JSOC among OTI, City departments, and state, federal, and private partners.
• Work with cyber intelligence teams to identify new cyber threats and campaigns and proactively deploy countermeasures
• Prioritize incident response activities and coordinate response efforts among City departments and external partners
• Investigate cybersecurity incidents through log, file, and malware analysis
• Perform memory, network, and host forensics
• Devise appropriate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents
• Develop post-incident action plans to improve Mean Time to Detect and Mean Time to Respond
• Maintain knowledge of current cyber threat campaigns and tradecraft
• Proactive threat hunting to identify, counter, and recover from advanced adversaries
• Design, build and enhance cyber-incident detection tools and capabilities
• Participate in on-call rotation

Mandatory Skills:

• Minimum Minimum 4 years of experience in Threat Management/SOC/Incident Response environment performing security event and incident detection and handling in an operational environment.

Preferred Skills:

• BA/BS Excellent verbal and written communication skills
• Previous experience working as a part of an IT Security team
• Formal education or a strong background in Computer Science, Computer Engineering or similar experience
• Incident response experience responding to advanced adversaries
• Active knowledge of current trends in computer security, software/hardware vulnerabilities
• Active interest in current security research
• Ability to work as part of a CERT which may require rotational weekday/weekend on-call coverage
• Strong sense of teamwork, an inquisitive mind, and the desire to share knowledge
• Ability to understand and implement technical vulnerability corrections
• Experience in web application security assessment and/or penetration testing
• Experience with hybrid cloud environments
• Experience conducting static and dynamic malware analysis
• Experience with automation, scripting (Python, PowerShell, etc.)
• Understanding of intrusion analysis
• Knowledge of multiple operating systems internals (Windows, Linux, OS X)
• Host and network forensics
• At least one of the following industry certifications:
  • SANS GIAC: GCIA, GCIH, GCFA, GCFE, GNFA, GREM, GPEN, GWAPT, GXPN, GDAT
  • Offensive Security: OSCP