Cyber Security Analyst

The Cybersecurity Analyst at the New York Power Authority (NYPA) plays a crucial role in safeguarding NYPA's information technology resources by managing and executing comprehensive cybersecurity measures. This position is responsible for developing and implementing security policies, procedures, and programs. It involves monitoring network traffic and security systems, responding to cyber incidents, and collaborating with business teams to support IT and cybersecurity initiatives. The role ensures that IT investments are aligned with and support NYPA's strategic goals and objectives, thereby contributing to the overall mission of the organization.

To ensure the confidentiality, integrity, and availability of NYPA information, the Cybersecurity Analyst establishes security controls, governance instruments, and associated processes. The role provides governance and oversight to ensure that security measures are integrated into IT solutions and services while identifying and remediating vulnerabilities. Key responsibilities include Security Detection & Monitoring, Incident Response, Threat Hunting, E-Discovery & Digital Forensics, planning and executing drills/exercises, Threat Vulnerability Management (including endpoint scanning and vulnerability management oversight), and Cyber Threat Intelligence. The analyst continually monitors NYPA's technology landscape to detect and respond to threats, maintaining robust protection against potential security breaches.

#LI-JP1

• Ensure the development, implementation and refinement of security policies, procedures, and programs to protect the New York Power Authority's Information Technology cyber assets and enterprise digital ecosystem on premise and in cloud which include computers, networks, telecommunications equipment, data centers, and firewalls.
• Assist with recommendations for IT Solutions based on business requirements; includes understanding and documenting business needs.
• Assist with threat and vulnerability management, remediation, and oversight.
• Assist with Cyber Security Awareness and Education program management.
• Assist with the configuration of and monitoring health of NYPA Cyber Security Services and Technologies.
• Create, maintain, and manage documentation on cyber security assets, tools, and software.
• Collaborate with other IT disciplines as necessary to achieve Cyber Security outcomes.
• Collaborate with Cyber Security Incident Response team on monitoring and responding to incidents or events.

• Understanding of interactions of applications, operating systems, and hardware configurations.
• Ability to understand and communicate IT security and policy planning.
• Understanding of IT industry trends and tools as they apply to providing solutions to stated business issues and opportunities.
• Knowledge of cyber security policies and practices found throughout both the public and private sectors.
• Understanding of the IT system infrastructure and network topology, familiarity with cyber security strategies and Security Information and Event Management (SIEM) tools.
• Demonstrated analytical problem-solving skills and practical cyber security experience.
• Ability to communicate technical and security related concepts to a broad range of technical and non-technical staff.

Associate's Degree / Military Veteran required

Minimum 4 years of experience in Information Technology or Cyber Security

Preferred Education/Experience:

Bachelor's degree with minimum 2 years of experience in Information Technology

Industry Certification such as CISSP or CISM certification, or equivalent

May be required to respond Cyber Security alerts and communicate during off hours.