Cybersecurity Analyst Levels 1-7 IT/OT Cybersecurity Awareness

MTA
New york city, NY
06 Apr 2024

Vacancy expired!

Description

Job Title:

Cybersecurity Analyst Levels 1-7 IT/OT Cybersecurity Awareness

Salary Range: Level 1:

$82,857.04 - $105,000

Level 2:

$87,685.20 - $115,500

Level 3: $95,929.32 - $127,050

Level 4: $102,760.32 -$139,755

Level 5: $114,537.24 -$153,731

Level 6: $124,311.32 -$169,104

Level 7: $140,917.09 -$186,014

POINTS:

Level 1 - 282

Level 2 - 323

Level 3 - 393

Level 4 - 451

Level 5 - 551

Level 6 - 634

Level 7 - 775

DEPT/DIV: MTA IT/ Office of IT Cyber Security Services

SUPERVISOR:

Deputy Chief Cybersecurity Officer • IT Cyber Security

LOCATION: 2 Broadway, New York, NY 10004

HOURS OF WORK: 9:00 am-5:30pm (7.5 hours/day)

This position is eligible for telework. New Hires are eligible to apply 30 days after their effective date of hire.

In order to protect our employees and continue to provide safe and reliable service to our communities, as of November 14, 2021, we are requiring all new MTA hires to be fully vaccinated against COVID-19 prior to their start date. MTA will consider exceptions for religious and medical reasons, where appropriate. "Fully vaccinated" means you must have both doses of a 2-dose vaccine and two weeks have elapsed since the second dose or have received 1 dose of a 1-dose vaccine and two weeks have elapsed since the dose. Proof of your vaccination status in the form of a CDC vaccine card must be submitted prior to your start date.

The purpose of this position is to provide critical technical expertise in managing and analyzing cybersecurity risks. Cybersecurity Analyst will be responsible for conducting risk assessments, designing, and executing the Cybersecurity Awareness program at the MTA for both Information and Operational Technology units. The Cybersecurity analyst will manage and develop cybersecurity awareness activities related to corporate, 3 rd party and operational technology risks in the various security domains such as email management, data security, identity management, secure computing, system administration, application development, compliance, practical training of Cybersecurity policies and best practices that promote compliance and good cyber hygiene techniques.

The analyst will conduct and/or manage technology risk assessments, data analytics tools, business processes reviews and collaborate with security engineers, architects, developers, vendors, business units to constantly improve the overall security of the MTA. The cybersecurity analyst will focus on specific domains and specialties within cybersecurity with a great degree of specialty to detect, protect and advise the organization proactively and reactively.

Level 1
  • Basic knowledge and familiarity with monitoring, installing, maintaining and/or troubleshooting cybersecurity related issues associated with applications and/or infrastructure systems
  • Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Understanding of Operating Systems
  • Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed

Level 2
  • Basic knowledge and familiarity with installing, maintaining and troubleshooting technology systems.
  • Proven ability to troubleshoot and support technical issues.
  • Proven ability to analyze a security risk assessment
  • Understanding of Operating Systems
  • Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.

Level 3
  • Requires prior experience with installing, maintaining and troubleshooting technology systems.
  • Proven ability to troubleshoot and support technical issues using standardized procedures.
  • Proven ability to analyze a security risk assessment or conduct one with guidance
  • Understanding of Operating Systems and Hardware
  • Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.

Level 4
  • Proven ability to independently evaluate and resolve most problems within an area of infrastructure, applications within a security domain context.
  • Proven ability to analyze and/or conduct a security risk assessment
  • Understanding of Operating Systems and Hardware
  • Advanced understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Scripting or programming skills (PERL, Python, PowerShell, etc.).

Level 5
  • Progressive cybersecurity related accomplishments
  • Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology including its impact on other technologies.
  • Proven ability to analyze and/or conduct a security risk assessment
  • Understanding of Operating Systems and Hardware
  • Advanced understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Scripting or programming skills (PERL, Python, PowerShell, etc.) as needed.

Level 6
  • Verifiable implementation of security domain controls for enterprise technologies
  • Requires seasoned expertise in multiple technologies and strong understanding of the current and future technology architecture, including the inter-operability of technologies.
  • Advanced ability to conduct and analyze a security risk assessment
  • Understanding of Operating Systems and Hardware
  • Expert understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Some scripting or programming skills (PERL, Python, PowerShell, etc.) as needed.

Level 7
  • Significant practical expertise in cybersecurity related disciplines.
  • Requires seasoned expertise in multiple security domains, technologies and strong understanding of the current and future technology and security architecture, including the inter-operability of security solutions and technologies.
  • Requires proven track record of successful implementation of architectural designs.
  • Expert ability to conduct and analyze a security risk assessment
  • Advanced understanding of Operating Systems and Hardware
  • Expert understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required.
  • Some scripting or programming skills (PERL, Python, PowerShell, etc.) as needed

Level 1
  • Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.

Level 2
  • Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree and 2+ years of relevant experience, or a bachelor's degree in Computer Science or related fields.
  • 6 months of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity domain is preferred

Level 3
  • Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
  • CISSP or other advanced security-related certification preferred but not required.
  • Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)
  • 2+ years of relevant experience.
  • 1 year of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity subdomain is preferred

Level 4
  • Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
  • 3+ years of relevant experience or 18 months of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
  • Current CISSP or other advanced security-related certification preferred but not required.
  • Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.)

Level 5
  • Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
5+ years of relevant experience or 2.5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)

Current CISSP or other advanced security-related certification preferred

Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).

Level 6
  • Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
  • 8+ years of relevant experience or 4 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
  • CISSP or other advanced security-related certification preferred
  • Certifications in technology subdomains preferred (ie. Cloud, Applications, Infrastructure, Security Technology, etc.).

Level 7
  • Bachelor's Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
  • 10+ years of relevant technology based or cybersecurity experience or 5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
  • CISSP

    • ID: #49639158
    • State: New York New york city 10001 New york city USA
    • City: New york city
    • Salary: USD TBD TBD
    • Job type: Permanent
    • Showed: 2023-04-06
    • Deadline: 2023-06-04
    • Category: Et cetera