SOC Analyst (IT Sr Associate 1) - Provisional_

New York

SOC Analyst (IT Sr Associate 1) - Provisional

**GENERAL DUTIES**

I.T. Senior Associates perform highly complex professional work in technology-related disciplines. While areas of specialization vary, typically I.T. Senior Associates perform a range of work in development/programming, communications, technical support, or similar functions depending on the needs of the Information Technology area to which they report. Work tasks include diagnosing, evaluating, overseeing and resolving highly complex projects. They have wide latitude for independent initiative and judgment and may serve in lead roles on complex programs or projects, and/or serve as a direct supervisor of a unit or group.

I.T. Senior Associates should demonstrate mastery of one or more technology-related disciplines, decision-making ability in situations related to those disciplines, and be able to serve as a resource in these areas. They may contribute to decisions on I.T. policies and technical standards.

This job is in CUNY's Classified Civil Service. The full specification is available on our web site at uny.edu/about/administration/offices/hr/classified-civil-service/ccsjobs/

**CONTRACT TITLE**

IT Senior Associate

**FLSA**

Exempt

**CAMPUS SPECIFIC INFORMATION**

The Office of Computing and Information Services (CIS) at the City University of New York (CUNY) supports the IT and telecommunications needs of CUNY's 25 colleges. CIS supports enterprise IT and applications, develops new technologies that advance the University's core mission, builds, upgrades and maintains the University's network, and operates the University's Data Center and Service Desk. Additionally, CIS manages the processes of safeguarding the University’s IT assets, operates the Cyber Security Operations Center (SOC), develops disaster recovery plans for business continuity, maintains the security of the University’s IT assets, and maintains the CUNYfirst Enterprise Resource Planning (ERP) solution that integrates student administration, financial management, and human resources operations across CUNY’s 25 colleges. Lastly, CIS provides strategic and operational IT leadership with respect to the maintenance, enhancement, and expansion of the CUNY network spanning across all CUNY campuses.

The (SOC), a centralized unit within CUNY, is responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents in real-time. Consisting of a team of cybersecurity professionals who use specialized tools and technologies to continuously monitor the enterprise's networks, systems, and applications for any signs of malicious activity or security breaches, the SOC's primary goal is to protect CUNY's IT assets, critical systems, research data, and sensitive information from cyberattacks by promptly identifying and mitigating security incidents. SOC teams are also involved in threat intelligence gathering, incident response planning, and security policy enforcement to strengthen the organization's overall cybersecurity posture.

Reporting to the SOC Director, Cybersecurity Analyst will be responsible for continuously assessing, securely designing, maintaining, and sustaining CUNY’s wide area network and local area networks. The incumbent will also be tasked with implementing any remediation of identified security gaps and breaches to protect the enterprise and its users. Additionally, as part of the mission to modernize CUNY’s network infrastructure to combat cybersecurity threats, they will be an active participant in this critical strategic project to protect CUNY’s network and data.

Key responsibilities include, but are not limited to the following:

+ Coordinates computer security incident responses with and for colleges, and the CUNY enterprise; aligns incident response procedures and makes recommendations regarding business processes and practices to reduce risks and fosters a strong technology risk management culture throughout the enterprise; writes detailed incident response reports and documents nature of incidents and actions taken.

+ Provides support to both campus IT staff and Information Security customers and assists with reducing incidents and vulnerabilities by performing campus security risk assessments.

+ Partners with management to establish consistent processes to ensure health and stability of cybersecurity platforms and configurations based on observed security patterns and builds monitoring capabilities as needed to proactively identify potential issues.

+ Analyzes security logs to determine and identify threats and potential patterns of malicious activity.

+ Develops tools, scripts, and queries to look for certain anomalous behavior on the network.

+ Creates documentation and runbooks for Security Operations Center (SOC) activities.

+ Provides and maintains service to users and website operators, and incident response team to help share cybersecurity knowledge; operates and reviews maintenance of all cybersecurity tools, software suites, devices, appliances, and systems.

+ Coordinates development of cyber security assessment practice services and simulates security threats with the intent of achieving a specific goal or accessing sensitive and private user information; participates in incident response drills and exercises.

+ Collaborates proactively with technology partners/stakeholders and service/platform owners to ensure all technology security components are integrated into CUNY enterprise architecture and any control gaps are addressed; consults on regulatory compliance requirements, reporting, and questions.

+ Develops ongoing technology risk reports, monitors key trends, and defines metrics to regularly measure control effectiveness for own area.

NOTES:

1. Until further notice, this is a hybrid position, eligible to work remotely and work on-site in the office.

2. An appointment to this Competitive title/position in the Classified Civil Service Title Series will be made with a Provisional status. Employees in provisional status must pass a competitive civil service examination and be appointed from a civil service list to remain in the title/position.

**MINIMUM QUALIFICATIONS**

1. High School Diploma, G.E.D., or equivalent

2. An equivalent of ten years of experience post-high school that can be met by one of the following: ten years of full-time work experience in a computer or technology related position; an Associate's degree plus eight years of full-time work experience in a computer or technology-related position; or a Bachelor's degree from an accredited institution plus six years of full-time work experience in a computer or technology-related position

3. Demonstrated English Language proficiency

4. A Motor Vehicle Driver's license, valid in New York State, may be required for some, but not all positions.

This title has three levels. In addition to the minimum qualifications above, To qualify for Levels 2 and 3, additional qualifications, such as education, experience, or certification relevant to the area of specialization are required.

**OTHER QUALIFICATIONS**

**PREFERRED**

The ideal candidate should demonstrate or possess:

+ General knowledge of application installation, configurations, and deployments in enterprise environments

+ Knowledge of cybersecurity systems design process, technical mitigation, risk management tools, techniques, methodologies, frameworks, evaluations, assessments, and reporting

+ Knowledge of network, applications, and information security technical vulnerability testing and tools.

+ Ability to work effectively in designing, building, and deploying automation to scale for vulnerability discovery efforts and device security compliance

+ Relevant soft skills to influence a cross-functional team to accomplish goals

+ Strong written and verbal skills with the ability to effectively and accurately report relevant risks to the appropriate constituents of diverse groups (technical and non-technical audiences), across all levels of university constituencies

+ Proficiency with all Microsoft Office Suite tools (Word, Excel, Visio, Outlook, PowerPoint, and Teams)

**COMPENSATION**

The salary is **$91,298.**

CUNY's benefits contribute significantly to total compensation, supporting health and wellness, financial well-being, and professional development. We offer a range of health plans, competitive retirement/pension benefits and savings plans, tuition waivers for CUNY graduate study, and generous paid time off. Our staff also benefits from the extensive academic, arts, and athletic programs on our campuses and the opportunity to participate in a lively, diverse academic community in one of the greatest cities in the world.

**HOW TO APPLY**

For full consideration, submit a cover letter and resume online via CUNY's web-based job system, addressing how your experience and credentials fulfill the responsibilities and qualifications outlined. The direct link to the job opening from external sources is:

unyfirst.cuny.edu/psc/erecruit/EMPLOYEE/HRMSCG/c/HRS\_HRAM\_FL.HRS\_CG\_SEARCH\_FL.GBL?Page=HRS\_APP\_JBPST\_FL&Action=U&FOCUS=Applicant&SiteId=1&JobOpeningId=28637&PostingSeq=1

Current CUNY employees must apply through CUNYfirst Employee Self Service using your login credentials. After you login to CUNYfirst, navigate to job openings by following the path from the Main Menu: Employee Self Service –>Careers

**CLOSING DATE**

Open until filled.

**JOB SEARCH CATEGORY**

CUNY Job Posting: Information Technology/Technical

**EQUAL EMPLOYMENT OPPORTUNITY**

CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer.

Job ID

28637

Location

Central Office