The New York City Housing Authority (NYCHA) is the largest public housing authority in North America. NYCHA’s mission is to increase opportunities for low- and moderate-income New Yorkers by providing safe, affordable housing and facilitating access to social and community services. Over 500,000 New Yorkers reside in over 300 developments offering residents public housing, Section 8 and PACT/RAD programs. NYCHA IT delivers meaningful, innovative, high-performing, cost-effective technology solutions to enable NYCHA to provide quality housing.

We are looking for an experienced Cyber Security Analyst (Level II) to join an energetic and pioneering team. In this critical role, the selected will help lead efforts to protect vital systems and data by proactively hunting for threats, conducting in-depth analysis of security telemetry and event data and contributing to rapid incident response efforts. Cyber Security team plays a crucial role in safeguarding NYCHA’s data and systems by proactively identifying, analyzing, and responding to cyber threats. Join us in shaping a more resilient, secure future for the nation’s largest public housing authority.

Under general supervision, with latitude for independent initiative and decision making, the Cyber Security Analyst Level II will have the following responsibilities:

- Monitor security events, alerts, and logs from various sources, including security information and event management (SIEM) platforms.
- Build advanced queries, workflows, and dashboards in NYCHA’s SIEM, EDR and other security tools to improve SOC operational efficiency and improve monitoring capabilities.
- Develop and implement new use cases aligned with the MITRE ATT&CK and other best practices frameworks to improve incident response across NYCHA’s security tools; recommend new log sources to enhance threat detection.
- Perform in-depth analysis of complex incidents, including correlating threat data from external sources, analyzing artifacts associated with the incident, and providing recommendations to senior Cyber Security management.
- Develop and implement SOAR (Security Orchestration, Automation, and Response) capabilities to automate routine incident response tasks to provide rapid response to common incident types.
- Provide mentorship and technical guidance to junior analysts by reviewing investigations, sharing best practices, and helping build their skills in threat analysis, incident response, and use of security tools.
- In partnership with the Cyber Security Engineering team, recommend security controls to enhance monitoring capabilities and improve incident response processes.
- Track emerging threats, vulnerabilities, and industry trends to help proactively identify potential risks relevant to NYCHA’s environment and translate threat intelligence into actionable detection logic and preventive measures.
- Develop, refine, and maintain detailed security incident reports, capturing technical findings, response actions, root cause analysis, and post-incident recommendations to strengthen incident response processes and drive continuous improvement.
- Other special projects and duties as assigned.

NOTE: The Department of Citywide Administrative Services (DCAS) administered a civil service exam for the Cyber Security Analyst title on 02/05/2025. Therefore, applicants (candidates) that did not take and pass the exam will potentially not be considered, likewise applicants not reachable on the established civil service list will potentially be in jeopardy of being replaced with an eligible civil service candidate.

NOTE: IF THIS APPOINTMENT IS MADE ON A PROVISIONAL BASIS PURSUANT TO 65 OF THE NYS CIVIL SERVICE LAW, NO TENURE OR PERMANENCE ACCRUES TO AN INCUMBENT IN THIS POSITION BY VIRTUE OF SUCH APPOINTMENT.

NOTE: This position is open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate in your cover letter that you would like to be considered for the position under the 55-a Program. For detailed information regarding the 55-a Program, click on the link below:

https://bit.ly/55aProgram

Additional Information

1. NYCHA employees applying for promotional, title or level change opportunities must have served a period of one year at current location and in current title and level (if applicable).
2. NYCHA residents are encouraged to apply.
3. NYCHA provides benefits that include a choice of medical coverage plans, deferred compensation plans and a defined pension benefit plan as a member of the New York City Employees’ Retirement System (NYCERS).

Please read this posting carefully to make certain you meet the minimum qualification requirements before applying to this position.

CYBER SECURITY ANALYST - 13633

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or

3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

- Strong familiarity and hands-on experience with security monitoring tools and technologies, such as Splunk and Crowdstrike, A/V systems, intrusion detection systems (IDS), and vulnerability scanners. - Demonstrated experience in incident response, including triaging and investigating complex incidents and providing actional recommendations for containment and remediation strategies. - Strong awareness of common security frameworks, standards, and best practices (e.g., NIST Cybersecurity Framework, ISO 27001, CIS Controls). - Experience with PowerShell, Bash, Python, or other scripting languages. - Solid understanding of network protocols, systems, and security architectures. - Experience in analyzing complex logs and correlating security events across multiple data sources in a large, multi-platform environment. - Strong awareness of threat intelligence, attack vectors, and indicators of compromise (IOCs) pertinent to NYCHA or government entities. - Strong analytical and problem-solving skills, with attention to detail. - Effective communication and teamwork abilities demonstrated experience mentoring less experienced analysts. - Demonstrated passion for cyber security must possess a strong willingness to learn, and a dedicated commitment to staying updated on the latest industry trends and best practices. - Cyber Security certifications from industry organizations such as ISC2, or CompTIA.

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.

NYCHA has no residency requirements.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

Apply Shortlist

Cyber Security Analyst