Security Specialist / Malware / Developer Opportunities

Posted on 25 April 2018

Company
MTA Headquarters 
Industry
Government, Policy, & International Affairs 
Location
New York, NY  

The Metropolitan Transportation Authority (MTA) Information Technology (IT) department is seeking candidates who are able to perform Cyber Security Forensic Investigations and malware reverse engineering in support of maintaining an efficient Cyber Security Operations Center (CSOC) at the MTA. Potential candidates will also perform security monitoring, threat hunting, and administration support for various Security Systems managed by the Security Monitoring and Threat Intelligence teams. Technologies include, but are not limited to, Splunk, various Intelligence feeds from ISACs, UBA, VPN, Case Management Systems, and various software products.

Requirements:

  1. Expert ability to perform malware reverse engineering to examine how the program interacts with the MTA environment.

  2. Expert ability to examine malicious software (bots, worms, and trojans) to understand the nature of the threats.

  3. Must possess professional documentation skills to accurately detail the attack capabilities, understand the characteristics, and define signatures to detect malware.

  4. Ability to work with partners, vendors, MTA departments and law enforcement agencies to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.

  5. Provide real-time monitoring, threat hunting, interpretation of threat intelligence, analytics, security incident handling and investigation on perimeter/internal infrastructure and applications security events.

  6. Expert ability to develop and maintain the IT security incident response process, including all required supporting materials.

  7. Administration of all associated Security Monitoring devices & tools, which include but are not limited to Security Events and Incident Management (SIEM), Splunk, firewall, IDS / IPS, DLP, Proxy, LDAP, AD, UBA, Remote Access / VPN, Wireless etc., for all MTA networks 24x7x365 to make sure all MTA critical (PCI/PPSI/HIPAA) and non-critical infrastructure and applications are secure.

  8. Responsible for providing 24x7x365 security operation support as it relates to all security technologies managed by the Cyber Security Operation Center at MTA.

  9. Assist, train, mentor and serve as backup to other staff members, including union staff, in supporting the Cyber Security Operation Center 24x7x365.

  10. Escalate complex issues to next-level security support and report them to the CSOC lead.

  11. Ensure execution of the incident response process to the resolution of the incident.

  12. Organize, participate in and, if required, chair post-incident reviews for presentation to senior management, including technical and non-technical audiences.

  13. Must have strong oral and written communications skills.

  14. Must have strong analytical abilities.

  15. Must have strong customer service skills.

Education and Experience: Bachelor’s degree in Computer Science, Information Technology or related discipline or equivalent work experience. Cyber Security Certifications from SANS or GIAC are preferred.

To apply for MTA IT Network Support Analyst opportunities and to view complete job details including responsibilities and qualifications for these opportunities, please visit MTA’s employment site at www.mta.info/employment and select JOB ID # 90518
