NYISO is hiring a
Cybersecurity Operations Center Analyst

Summary

Join the New York Independent System Operator (NYISO) as a Cybersecurity Operations Center Analyst and contribute to providing a central point for 24x7x365 continuous security monitoring of NYISO's computing environments. This role involves collaborating with IT groups, responding to cyber threats and incidents, and keeping stakeholders informed of evolving threats and vulnerabilities.

Requirements

• At least 1 year of experience as a Cyber Security Analyst or related role
• Knowledge of various security methodologies and processes, and technical security solutions (firewall, intrusion detection systems, and Security Information and Event Management (SIEM) platforms)
• Knowledge of TCP/IP Protocols, network analysis, and network/security
• Knowledge of common Internet protocols and web
• Ability to multi-task, prioritize, and manage time
• Strong attention to detail
• Excellent interpersonal skills and professional
• Excellent verbal and written communication
• Excellent customer service
• Proficient in Microsoft Office

Responsibilities

• Provide around the clock monitoring, analysis, and response to cyber security events and trends of security log data
• Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies
• Provide incident response support, including triage, remediation and
• Investigate and document events to aid incident responders, managers and other CSOC team members on security issues and the emergence of new
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event information. Escalate intrusions and compromises to NYISO’s network infrastructure, applications, and operating systems to the CSIRT as
• Analyze sourced intelligence of attacker tactics, techniques, and procedures (TTPs)
• Provide threat and vulnerability research and analysis
• Execute defined standard operating procedures, event and job aides required for successful task completion
• Integrate and share information with other analysts and other
• Recommend changes to Standard Operating Procedures and other similar
• Generate end-of-shift reports for documentation and knowledge transfer to subsequent on-shift
• Other duties as assigned. 

Preferred Qualifications

• Experience administrating various operating systems (e.g., Windows, OS X, Linux, etc.) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also
• Working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, )
• Experience working with various event logging systems and be proficient with security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also
• Experience in analyzing net flow data and packet capture (PCAP)

Benefits

• The NYISO takes pride in recruiting, developing and retaining highly talented individuals. In addition to competitive salaries, we offer a comprehensive benefits package and innovative reward programs
• The NYISO offers the flexibility to work both in the office and remotely, providing our employees with an enhanced work life balance. While the majority of the responsibilities of this role can be performed remotely, in most cases, employees will have periodic on-site requirements based on business needs