The responsibilities include, but are not limited to, the following:
· Serving as a primary point of contact for MTA CSOC & MSSP Cybersecurity Incident escalations
· Interfaces directly with vendors & third parties for notified/observed compromises
· Forensics on memory, disks, and logs
· Malware analysis (dynamic & static)
· Involvement in full incident response lifecycle
· Processes evidence in accordance with Chain of Custody
· Creates incident reports to brief executive management
· Provides recommendations to prevent similar incidents
· Assists the Threat Intelligence group in other functions including:
  o Incident Response & Forensics
  o Threat Readiness
  o Cyber Content Engineering & Automation
Mandatory Skills
· Bachelor's degree in Computer Science, Information Services, or an IT security-related field, or a satisfactory equivalent with at least 3 years of IT security experience.
· Minimum of 3 years of experience in Tier 1 & 2 support for a cybersecurity operations center.
· Minimum of 3 years of experience performing incident response functions & investigations.
· Excellent communication skills.
· Strong experience with digital forensic tools.
· Strong understanding and analysis of code such as PowerShell, Perl, Python.
Preferred Skills
· Cybersecurity certifications.
· Experience with OT & PCI technologies.