Job ID: 2020-7190
Type: NYU IT (WS1170)
# of Openings: 1
Category: Technology
New York University
Reporting directly to NYU's Global CIO, the Associate VP Global Chief Information Security Officer leads the Office of Information Security (OIS), a high-performance and highly technical team charged with mitigating cyber risks, minimizing the likelihood of a breach, and maintaining compliance with information security regulatory requirements for all of NYU. OIS aims to evolve the maturity of the NYU Information Security Program through people, process and technology while maintaining alignment with university initiatives, IT goals and core beliefs. OIS is made up of several functional areas including Operations Planning & Strategy, Security Architecture & Engineering, IT Risk Management, Detect Response & Forensics, IT Policy & Compliance and Security Awareness & Outreach. The Senior Cyber Forensic Analyst is the key source for proactive advanced detection of threats, conducts cyber forensic investigations if a security incident is suspected and/or occurs, and derives useful intelligence to advise on mitigation of overall risks and specific remediation actions regarding vulnerabilities. This vital role necessitates a deep understanding of the multi-step process of hackers' exploitation techniques and of malware analysis, and leverages information sources such as network infrastructure and log data, source code, and threat feeds. A Senior Cyber Forensic Analyst is expected to mentor, coach, train and lead other team members to establish potential coverage when the incumbent is away from the office. The incumbent will also manage a virtual team during a crisis investigation.
Required Education: Master's Degree in Digital Forensics and Cybersecurity
Required Experience: 7+ years relevant experience in Digital Forensics and Cybersecurity/Information Security; 5+ years leading teams through forensic investigations.
Required Skills, Knowledge and Abilities: Ability to follow industry standard methods of properly identifying, collecting, preserving and analyzing digital evidence with an emphasis on network, email, and host-based forensic artifacts. Identify and collect malicious artifacts and identify techniques, tactics and procedures to help formulate indicators of compromise (IOCs) that can be applied to current and future investigations. Formulate new detection mechanisms and create new sensors to identify malicious processes. Build scripts, tools, or methodologies to enhance incident investigation processes. Knowledge of best practice security frameworks and application of framework in work experience. Excellent communications, organizational, analytical, planning, and problem solving skills. Ability to conduct presentations and to provide technical advice to a non-technical audience. Strong knowledge of information systems security standards and practices (e.g., access control, system hardening, system audit and log file monitoring, security policies, and incident handling). Strong conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services. This should include knowledge of networking protocols, firewall functionality, host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies. Ability to understand the implications of new information for both current and future problem-solving and decision-making, and to demonstrate a high commitment to quality. Knowledge of processes that build and sustain an environment that adheres to the highest standards of integrity, ethics and confidentiality. Ability to work in a fast-paced and dynamic environment, simultaneously handling multiple priorities.
Preferred Skills, Knowledge and Abilities: Additional KSA: Expertise with implementation and operation of End Point Security Tools, including Antivirus, Anti-malware, host Firewall and Host IDS (intrusion detection system). Ability to effectively prioritize and execute multiple tasks in a high-pressure environment. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and non-technical language. Highly self-motivated and directed. Team-oriented and skilled in working within a collaborative environment.
NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/sustainability.
Founded in 1831, New York University is now one of the largest private universities in the United States. Of the more than 3,000 colleges and universities in America, New York University is one of only 60 member institutions of the distinguished Association of American Universities.