What are the responsibilities and job description for the Cybersecurity Analyst Levels 1-7 (User Behavior Analytics) position at Metropolitan Transportation Authority?
Description
Job Title: Cybersecurity Analyst, User Behavior Analytics (UBA) Levels 1-7
Salary Range: Level 1: $82,857 - $105,000
Level 2: $87,685 - $115,500
Level 3: $95,929 - $127,050
Level 4: $102,760 - $139,755
Level 5: $114,537 - $153,731
Level 6: $124,311 - $169,104
Level 7: $140,917 - $186,014
POINTS: Level 1 - 282
Level 2 - 323
Level 3 - 393
Level 4 - 451
Level 5 - 551
Level 6 - 634
Level 7 - 775
DEPT/DIV: MTA Information Technology/ Office of IT Cyber Security Services
SUPERVISOR: Cyber Security Officer, Monitoring
LOCATION: 2 Broadway, New York, NY 10004
HOURS OF WORK: 12:00am – 8:30am (7.5 hours/day)
8:00am – 4:30pm (7.5 hours/day)
3:30pm – 12:00am (7.5 hours/day)
This position is eligible for telework which is currently 2 days per week. New Hires are eligible to apply 30 days after their effective date of hire.
In order to protect our employees and continue to provide safe and reliable service to our communities, as of November 14, 2021, we are requiring all new MTA hires to be fully vaccinated against COVID-19 prior to their start date. MTA will consider exceptions for religious and medical reasons, where appropriate. “Fully vaccinated” means you must have both doses of a 2-dose vaccine and two weeks have elapsed since the second dose or have received 1 dose of a 1-dose vaccine and two weeks have elapsed since the dose. Proof of your vaccination status in the form of a CDC vaccine card must be submitted prior to your start date.
The purpose of this position is to provide critical technical expertise in the detection, analysis and response to cybersecurity events, primarily alerts generated by user and entity behavior analytics (UEBA) tools such as Exabeam. In addition, the analyst should be able to develop and tune UEBA rules/policies as needed. The Cybersecurity Analyst will be responsible for early and accurate detection, prevention, response, containment, and guidance to remediation of threats directed against the MTA on a 24/7 basis. The analysis is conducted through technology risk assessments, data analytics tools, and business process reviews, and in collaboration with security engineers, architects, developers, vendors, and business units to constantly improve the overall security of the MTA. The cybersecurity analyst will focus on specific domains and specialties within cybersecurity with a great degree of specialization to detect, protect and advise the organization proactively and reactively.
Level 1
Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
Basic knowledge and familiarity with monitoring, installing, maintaining and/or troubleshooting cybersecurity related issues associated with applications and/or infrastructure systems
Understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Understanding of Operating Systems
Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed
Level 2
Associate degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree and 2 years of relevant experience, or a bachelor’s degree in Computer Science or related fields.
Basic knowledge and familiarity with installing, maintaining and troubleshooting technology systems.
Proven ability to troubleshoot and support technical issues.
Proven ability to analyze a security risk assessment
Understanding of Operating Systems
Understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
6 months of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity domain is preferred
Level 3
Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
CISSP or other advanced security-related certification preferred but not required.
Certifications in technology subdomains preferred but not required (e.g. Cloud, Applications, Infrastructure, Security Technology, etc.)
2 years of relevant experience.
Requires prior experience with installing, maintaining and troubleshooting technology systems.
Proven ability to troubleshoot and support technical issues using standardized procedures.
Proven ability to analyze a security risk assessment or conduct one with guidance
Understanding of Operating Systems and Hardware
Understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
1 year of experience in a specific (Cloud, Applications, Infrastructure, Security Technology, etc.) cybersecurity subdomain is preferred
Level 4
Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
3 years of relevant experience or 18 months of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
Current CISSP or other advanced security-related certification preferred but not required.
Certifications in technology subdomains preferred but not required (e.g. Cloud, Applications, Infrastructure, Security Technology, etc.)
Proven ability to independently evaluate and resolve most problems within an area of infrastructure, applications within a security domain context.
Proven ability to analyze and/or conduct a security risk assessment
Understanding of Operating Systems and Hardware
Advanced understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Scripting or programming skills (PERL, Python, PowerShell, etc.).
Level 5
Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
5 years of relevant experience or 2.5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)
Current CISSP or other advanced security-related certification preferred
Certifications in technology subdomains preferred but not required (e.g. Cloud, Applications, Infrastructure, Security Technology, etc.).
Progressive cybersecurity related accomplishments
Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology including its impact on other technologies.
Proven ability to analyze and/or conduct a security risk assessment
Understanding of Operating Systems and Hardware
Advanced understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Scripting or programming skills (PERL, Python, PowerShell, etc.) as needed.
Level 6
Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
8 years of relevant experience or 4 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
CISSP or other advanced security-related certification preferred
Certifications in technology subdomains preferred (e.g. Cloud, Applications, Infrastructure, Security Technology, etc.).
Verifiable implementation of security domain controls for enterprise technologies
Requires seasoned expertise in multiple technologies and strong understanding of the current and future technology architecture, including the inter-operability of technologies.
Advanced ability to conduct and analyze a security risk assessment
Understanding of Operating Systems and Hardware
Expert understanding of TCP/IP (OSI Layers 1-4) and Internet and Intranet technologies (OSI Layers 5-7) required.
Some scripting or programming skills (PERL, Python, PowerShell, etc.) as needed.
Level 7
Bachelor’s Degree in Computer Science or related fields. An equivalent combination of education and experience may be considered in lieu of a degree.
10 years of relevant technology based or cybersecurity experience or 5 years of experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.).
CISSP and other advanced security-related certification preferred.
Certifications in technology subdomains preferred (e.g. Cloud, Applications, Infrastructure, Security Technology, etc.).
Significant practical expertise in cybersecurity related disciplines.
Requires seasoned expertise in multiple security domains, technologies and strong understanding of the current and future technology and security architecture, including the inter-operability of security solutions and technologies.
As an employee of MTA Headquarters, you may be required to complete an annual financial disclosure statement with the State of New York, if your position earns more than $105,472 (this figure is subject to change) per year or if the position is designated as a policy maker.
Qualified applicants can submit an online application by clicking on the 'APPLY NOW' button from either the CAREERS page or from the JOB DESCRIPTION page.
If you have previously applied online for other positions, enter your User Name and Password. If it is your first registration, click on the CLICK HERE TO REGISTER hyperlink and enter a User Name and Password; then click on the REGISTER button.
MTA and its subsidiary and affiliated agencies are Equal Opportunity Employers, including with respect to veteran status and individuals with disabilities.
The MTA encourages qualified applicants from diverse backgrounds, experiences, and abilities, including military service members, to apply.