ABOUT NEW YORK CITY CYBER COMMAND
New York City Cyber Command (NYC3) is committed to protecting City systems that provide vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.
As the organization defending the largest municipality in the country, NYC3 is charged with directing citywide incident response, setting citywide cybersecurity policies and standards and working with city agencies to strengthen their cyber defenses.
The mission of the NYC3 is to Prevent, Detect, Respond and Recover from cyber threats against the data and infrastructure of the City of New York, in collaboration with public and private sector partners. Computer Emergency Response Team (CERT) Analysts within NYC Cyber Command perform many critical functions within the Threat Management discipline. As a CERT Analyst, you will work closely with the CERT, Security Operations Center (SOC), Counter Threat Automation (CTA) team, and Cyber Intelligence team on triaging, responding, remediating and recovering from high severity incidents involving over 140 agencies of the City of New York. The spring intern will assist in incident response projects to improve the detection and response capabilities of the city. Responsibilities will include:
– Build detection rules with the log management solution to alert on anomalous behavior indicative of a malicious threat actor.
– Deliver recommendations and actions to improve the detection, escalation, containment and resolution of incidents.
– Maintain knowledge of the current security threats and actors and their relevance to the City by monitoring reports and intel sources.
– Build metrics utilizing a data security approach to gain insight into attacks and responses to incidents within the City of New York.
– Assist in root cause analysis of high severity incidents.
– Work with NYC3 Data Sciences team to ensure accuracy of the alerts being generated from their machine learning algorithms in relation with the threats observed and correlation.
MINIMUM QUALIFICATION REQUIREMENTS
All candidates must be enrolled in a degree bearing program at an accredited institution.
– An active knowledge of current trends in computer security, software/hardware vulnerabilities.
– A general knowledge on security fundamentals and an inquiring mind.
– An active interest in current security research.
– Knowledge in network analysis, host analysis and IDS/IPS technology.
– Experience reviewing and correlating logs from various sources.
– Familiarity with Cyber Kill Chain, MITRE ATT&CK techniques.
Due to the current COVID-19 crisis, this opportunity will be remote.
Spring Internships are full time internships for students in degree bearing programs at an accredited institution. This classification of interns must show either proof of their university giving academic credit, or funding from their university or an authorized 3rd party.
The length of the internship cannot exceed 13 weeks and must take place between the start of Jan and the end of May. Students are required to work a minimum of 17 hours per week.
NYC3 will provide a computer for this internship period. The students will be required to have their own internet connectivity.