Senior Cyber Security Engineer

at  Queens District Attorneys Office

The Office of the Queens County District Attorney (QDA) is seeking an experienced Senior Cyber Security Engineer whose responsibilities will include, but are not limited to:

• Process and analyze cyber threats, establishing the extent of the threat and its impact on the environment.
• Perform detailed analysis of threats during the incident process, combining sound analytical skills with advanced knowledge of IT security and network threats.
• Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity.
• Develop and present regular updates and reports for technical audiences on cyber threats and activity.
• Participate in security incident response efforts including off-hours/on-call support.
• Contribute to the development of policies and documentation to support ongoing IT security activities (run books, procedure documentation, etc.).
• Assist in deploying security monitoring tools and countermeasures; detect all threats facing the environment from the everyday to the advanced persistent threats.
• Research, analyze, and understand log sources, particularly security and networking devices (such as firewalls, routers, anti-virus products, and operating systems).
• Work to implement the Security Incident Event Management system.

PREFERRED EDUCATION AND QUALIFICATION REQUIREMENTS:

• A baccalaureate degree from an accredited college or university in Computer Science or related field and four years of satisfactory full-time experience related to projects and policies required by the position; or
• Education and/or experience which is equivalent to “1” above.
  Must have excellent communication skills and experience in handling confidential information.
  Strong preference given to candidates with an understanding of networking protocols and infrastructure designs; understanding of routing, firewall functionality, host and network intrusion detection systems including encryption and load balancing; network protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and topologies; experience in monitoring both commercial and open-source IDS/IPS; and knowledge of network forensic techniques.
  For current City employees, a permanent civil service title is preferable.

• Process and analyze cyber threats, establishing the extent of the threat and its impact on the environment.
• Perform detailed analysis of threats during the incident process, combining sound analytical skills with advanced knowledge of IT security and network threats.
• Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity.
• Develop and present regular updates and reports for technical audiences on cyber threats and activity.
• Participate in security incident response efforts including off-hours/on-call support.
• Contribute to the development of policies and documentation to support ongoing IT security activities (run books, procedure documentation, etc.).
• Assist in deploying security monitoring tools and countermeasures; detect all threats facing the environment from the everyday to the advanced persistent threats.
• Research, analyze, and understand log sources, particularly security and networking devices (such as firewalls, routers, anti-virus products, and operating systems).
• Work to implement the Security Incident Event Management system