
Senior CERT Specialist | City of New York Jobs
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Follow us on social media @NYCOfficeofTech, and visit www.nyc.gov/oti to learn more.
At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.
New York City Cyber Command is seeking a Senior Computer Emergency Response Team (CERT) Specialist to serve the City of New York as an advanced-level cybersecurity Digital Forensics and Incident Response (DFIR) practitioner. Reporting to the CERT Lead and serving as a senior technical authority above CERT Specialists, the Senior CERT Specialist guides the development, enhancement, and deployment of citywide incident response policies, procedures, and capabilities. This role is a primary technical escalation point for high-profile cybersecurity incidents impacting City agencies, particularly during identification, containment, and eradication phases, and provides technical mentorship to junior CERT Specialists.
The CERT team engages in malware analysis, digital forensics, campaign assessments, and threat hunts, harmonizing response activities among OTI-Cyber Command, City agencies, state/federal government, and private entities. The Senior CERT Specialist will work alongside internal teams including cyber threat intelligence, counter-threat automation, urban technology, and data science to innovate detection, investigation, response, and remediation methods and capabilities.
Responsibilities will include:
-Serve as a senior technical escalation point for high-profile cybersecurity incidents, supporting the CERT Lead in ensuring 24x7 operational readiness;
-Lead complex incident response engagements end-to-end, coordinating activities among City departments, external partners, and state, federal, and private entities;
-Provide technical mentorship, peer review, and on-the-job training to CERT Specialists, including guidance on forensic methodology, analytical rigor, and report quality;
-Act as a subject matter expert in investigating cybersecurity incidents through advanced log, file, and malware analysis;
-Perform and oversee memory, network, disk, and cloud forensics across enterprise environments (AWS, Azure, GCP);
-Devise and validate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents;
-Lead the development of post-incident action plans and root-cause analyses to improve Mean Time to Detect, Respond, and Recover/Restore;
-Design, build, and enhance cyber-incident detection tools, automation, and response capabilities, including custom tooling and detection content;
-Partner with cyber threat intelligence teams to operationalize indicators, TTPs, and campaign intelligence into proactive countermeasures and threat hunts;
-Design, lead, and facilitate cyber tabletop exercises with City departments to identify capability gaps, procedural weaknesses, and critical infrastructure dependencies;
-Contribute to the development, review, and continuous improvement of citywide incident response policies, playbooks, and standard operating procedures;
-Assist NYC agencies in maturing their cyber incident response programs through direct consultation and capability assessments;
-Maintain current knowledge of cyber threat campaigns, adversary tradecraft, and emerging vulnerabilities, and share that knowledge across the team;
-Participate in on-call rotation, which may require rotational weekday/weekend coverage;
-Handle special projects and initiatives as assigned.
HOURS/SHIFT
Day - Due to the necessary technical duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings.
WORK LOCATION
Brooklyn, NY
TO APPLY
* Interested applicants with other civil service titles who meet the preferred requirements should also submit a resume for consideration
Please go to www.cityjobs/jobs/search and search for Job ID #781696
SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW
APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL
OTI participates in E-Verify
IT SECURITY SPECIALIST - 95622
Minimum Qualifications
1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
2. Education and/or experience which is equivalent to "1" above.
Preferred Skills
The preferred candidate should possess the following:
-Significant experience performing security events and incident detection, handling, and response in an operational environment such as SOC, CSIRT, or CERT, including experience leading incidents.
-Demonstrated experience mentoring or providing technical leadership to junior analysts or responders.
-Advanced experience reviewing and analyzing security events from diverse monitoring and logging sources, including SIEM, EDR, and cloud-native telemetry.
-Deep knowledge of packet analysis and IDS/IPS technology.
-Proven experience conducting host, network, memory, and disk forensics in enterprise environments.
-Proven experience conducting incident response and forensics in cloud environments (AWS, Azure, and/or GCP).
-Experience conducting malware analysis, including static and dynamic analysis and reverse engineering.
-Strong understanding of intrusion analysis, attacker tradecraft, and frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
-Experience designing and facilitating tabletop exercises or incident response training.
-Experience with website and web application security assessment or penetration testing.
Public Service Loan Forgiveness
As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.
Residency Requirement
New York City Residency is not required for this position
Additional Information
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Salary range
- $75,000 - $160,000 per year
