BACKGROUND

The Cybersecurity Infrastructure Analyst shall coordinate cybersecurity assessment and remediation of IT/OT systems supporting World Trade Center operations. The Cybersecurity Analyst shall work and coordinate with the Technology Department performing vulnerability & Risk Assessment of IT/OT systems including applications, databases and logical security of networking environment supporting operations.
The role of the Cybersecurity IT Analyst is to protect IT/OT systems, networks, and data from unauthorized access, damage or theft. This includes cybersecurity assessment to prevent cyberattacks and respond to cybersecurity security incidents. The cybersecurity analyst shall assess risks, review system design submittals and recommend security strategies to mitigate potential threats.
The cybersecurity analyst’s primary role is to assess the operating system, application and networking infrastructure supporting IT/OT systems, coordinate scanning, generate vulnerability reports and coordinate cyber remediation and compliance with operations and property management team and system owners.
The cybersecurity analyst ensures the department IT requirements are aligned with the agency strategy leveraging and protecting information technology assets.

The responsibility of the Cybersecurity IT analyst is to assist implementing the agency cybersecurity strategy, and processes to support the department IT strategy, and documents this using logical working models or views that show how the current and future needs of the department will be met in an efficient, sustainable, agile, and adaptable manner including,

• Assessment of OT Industrial Control Systems
• Cyber Incident response workflows
• Vulnerability Assessment - Data Organization and Analysis
• Countermeasures & Controls - Data Organization and Analysis
• Identification of End-of-Life Physical Assets
• Malware Protection of IT/OT Systems
• Adheres to agency policy requiring a safe, respectful professional atmosphere in the workplace.

Candidates must present the following qualifications to be considered eligible for this position:

• Knowledge of Microsoft, Linux operating systems and network security components.
• Conduct detailed endpoint investigations identifying and containing IOCs and creating event timelines.
• Developing solutions to protect endpoints whether on- or off-premises, outside the network, or behind network address translation (NAT).
• Creating business solutions using IT resources in response to business requirements.
• Develop full-scale project plans and associated communications documents.
• Reviewing and coordinating responding to design requests from World Trade Center Department and operations partners.
• Communicate project expectations to team members and stakeholders in a timely and clear fashion
• Preparation of workflows, incident response and project documentation
• Preparation of PowerPoint presentations including preparation of Microsoft project schedule and workflow process
• Participate in work sessions to validate system requirements, concept of operations and transferring of knowledge to support property management and vendors responsible for IT/OT systems.
• Manage and coordinate cybersecurity response and procedures led by the Cybersecurity Incident Response (CSOC) & Technology Department CISO.
• Work with the technology department Cybersecurity manager to recommend end point protection for systems off PAWANET and devices that effectively reflect business needs, service-level and availability requirements and other technology parameters.
• Develop forensic evaluation principles, models, plans, internal cybersecurity standards and processes based on industry best practices.
• Lead teams of other cybersecurity engineers implement system administration and remediation plan for systems.
• Communicate the role and values of cybersecurity and present the business case for technology investments.
• Continually update understanding of business and technology status and objectives and respond to strategic cybersecurity improvement requests as the business evolves.
• Set and continually manage project expectations with team members and other stakeholders.
• Plan and schedule project timelines and milestones using appropriate tools

Candidates must present the following qualifications to be considered eligible for this position:

• Knowledge of Microsoft, Linux operating systems and network security components.
• Conduct detailed endpoint investigations identifying and containing IOCs and creating event timelines.
• Developing solutions to protect endpoints whether on- or off-premises, outside the network, or behind network address translation (NAT).
• Creating business solutions using IT resources in response to business requirements.
• Develop full-scale project plans and associated communications documents.
• Reviewing and coordinating responding to design requests from World Trade Center Department and operations partners.
• Communicate project expectations to team members and stakeholders in a timely and clear fashion
• Preparation of workflows, incident response and project documentation
• Preparation of PowerPoint presentations including preparation of Microsoft project schedule and workflow process
• Participate in work sessions to validate system requirements, concept of operations and transferring of knowledge to support property management and vendors responsible for IT/OT systems.
• Manage and coordinate cybersecurity response and procedures led by the Cybersecurity Incident Response (CSOC) & Technology Department CISO.
• Work with the technology department Cybersecurity manager to recommend end point protection for systems off PAWANET and devices that effectively reflect business needs, service-level and availability requirements and other technology parameters.
• Develop forensic evaluation principles, models, plans, internal cybersecurity standards and processes based on industry best practices.
• Lead teams of other cybersecurity engineers implement system administration and remediation plan for systems.
• Communicate the role and values of cybersecurity and present the business case for technology investments.
• Continually update understanding of business and technology status and objectives and respond to strategic cybersecurity improvement requests as the business evolves.
• Set and continually manage project expectations with team members and other stakeholders.
• Plan and schedule project timelines and milestones using appropriate tools,

Track project milestones and deliverables.

• Reports to WTCD Operations manager and coordinate providing IT support to CBRE and mentor IT colleagues.
• Deliver progress reports, required documentation, and presentations.
• Proactively manage changes in project scope, identify potential crises, and devise contingency plans.