NYU LANGONE HEALTH is a world-class, patient-centered, integrated academic medical center, known for its excellence in clinical care, research, and education. It comprises more than 200 locations throughout the New York area, including five inpatient locations, a children's hospital, three emergency rooms and a level 1 trauma center. Also part of NYU Langone Health is the Laura and Isaac Perlmutter Cancer Center, a National Cancer Institute designated comprehensive cancer center, and NYU Grossman School of Medicine, which since 1841 has trained thousands of physicians and scientists who have helped to shape the course of medical history. For more information, go to nyulangone.org, and interact with us on LinkedIn, Glassdoor, Indeed, Facebook, Twitter, YouTube and Instagram.

To protect the safety of our patients, staff, and the community at large effective August 16, 2021, NYU Langone Health requires COVID-19 vaccination of all faculty, staff, voluntary attending physicians, HHMI employees who are on-site, non-compensated faculty, students, clinical or academic observers, and volunteers who provide services on-site at any of our locations, unless granted an approved exemption. 

POSITION SUMMARY

The Senior Analyst will be a key member of the IT Security team responsible for performing critical functions within the Cyber Threat and Incident Response discipline.  The main function is to respond to and investigate potential incidents using security tools and platforms.  The Senior Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

JOB RESPONSIBILITIES

• Provide first level and on-call support to analyze and triage potential incidents.
• Analyze and investigative large scale and complex security incidents.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the impact of an incident.
• Conduct analysis of security incidents to improve existing processes and procedures.
• Assist with projects that focus on enhancing detection and incident response capabilities and other improvements to the technologies used by the team.
• Support, administer, and fine tune in-place security solutions for efficient and appropriate operations.
• Review external threat intelligence and determine relevance for our organization; evaluate content for consumption into threat intelligence platform.
• Research, identify, and verify new cyber threat adversary tools, tactics, and processes (TTPs).

MINIMUM QUALIFICATIONS:

• Bachelor’s degree with a focus in Information Security, Computer Science or Computer Engineering

PREFERRED QUALIFICATION:

• CISSP or GCFA
• Splunk Certification
• Experience with Anomali, Splunk, Proofpoint, Tanium, Cylance, Crowdstrike

KNOWLEDGE & EXPERIENCE

 FORMAL EDUCATION & CERTIFICATION

• CISSP or GCIH Preferred

KNOWLEDGE & EXPERIENCE

• 3+ years of recent operational experience in Security Operations Centers or Incident Response.
• 3+ years in threat intelligence tools (Anomali), SIEM tools (i.e. Splunk), Endpoint Security tools (i.e. Sophos, Cylance, Crowdstrike, Tanium).
• Understanding of the TCP/IP networking stack and network technologies.
• Experience with tools such as Proofpoint, Domain Tools, VirusTotal, Wireshark, Snort, NMAP.
• Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows, Mac OS, and Linux).
• Familiarity with technologies such as VPN, Active Directory, Virtualization Platforms, Cloud Platforms
• Ability to correlate technical information from threat intelligence sources and other disparate security systems to draw conclusions about incidents.
• Strong understanding of industry security best practices and standards.

 PERSONAL ATTRIBUTES

• Proven analytical and problem-solving abilities. Able to think out of the box.
• Ability to effectively prioritize and execute multiple tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and non-technical language.
• Highly self motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

WORK CONDITIONS

• 40-hour on-site work week with on-call availability to provide support remotely
• Sitting for extended periods of time.
• Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, and other computer components.
• Lifting and transporting of moderately heavy objects, such as computers and peripherals.

Qualified candidates must be able to effectively communicate with all levels of the organization. NYU Langone Health provides its staff with far more than just a place to work. Rather, we are an institution you can be proud of, an institution where you'll feel good about devoting your time and your talents. NYU Langone Health is an equal opportunity and affirmative action employer committed to diversity and inclusion in all aspects of recruiting and employment. All qualified individuals are encouraged to apply and will receive consideration without regard to race, color, gender, gender identity or expression, sex, sexual orientation, transgender status, gender dysphoria, national origin, age, religion, disability, military and veteran status, marital or parental status, citizenship status, genetic information or any other factor which cannot lawfully be used as a basis for an employment decision. We require applications to be completed online. If you wish to view NYU Langone Health's EEO policies, please click here. Please click here to view the Federal "EEO is the law" poster or visit https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm for more information. To view the Pay Transparency Notice, please click here.

Required Skills Required Experience