Full-time / Part-time: Full-time
Employee Status: Regular
Overtime Status: Exempt
Job Type: Experienced
Travel: Yes, 5% of the Time
Shift: Day Job
Work Hours: 7am to 3pm ET
Target Start Date: Jun 25, 2018
Target End Date: Dec 31, 2018

The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System, delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the Federal Reserve System. The mission of the National Incident Response Team is to play a leading role in the Federal Reserve System's efforts to protect its information systems against unauthorized use.

The mission of NIRT's Incident Detection and Analysis team is to be an agile team that effectively detects, analyzes and investigates information security incidents for its customers. The team is focused on ensuring the security and integrity of critical enterprise systems and environments through the use of various analytical data mining techniques and automated tactics.

As a member of the team, this role will analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity; perform post mortem analysis of traffic flows and conduct network forensics; perform follow-up analysis throughout the incident life cycle; and complete projects and tasks associated with security monitoring, detection, and incident response. The role will interact directly with NIRT's technical and business customers located across the United States.

Required Skills:

The candidate should possess in-depth knowledge and understanding of a breadth of information technologies and information security topics. Specifically, this should include the following:

• Strong security platform and technology capabilities; SIEM utilization skills with the ability to review and analyze security events from various monitoring and logging sources to identify and/or confirm suspicious activity.
• Ability to analyze large data sets and unstructured data for the purpose of identifying trends and anomalies indicative of malicious activity, as well as demonstrated capability to learn and develop new techniques.
• Knowledge of, and experience with, TCP/IP protocol and network/packet analysis.
• Strong knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research the current information security landscape.
• Strong conceptual and practical understanding of IT infrastructure designs, technologies, products, and services. This should include knowledge of networking protocols, firewall functionality, host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies.
• Ability to perform acquisition and basic to moderate static/behavioral analysis of malware specimens to determine the effects on internal systems at both the host and network level.
• Ability to work weekends and holidays on a rotational basis with the rest of the team to ensure 24x7 coverage of the Threat Analysis Center (TAC). Normal hours would be 7am to 3pm ET.
• Ability to obtain and maintain National Security Clearance.

Top 5 Required Technical Skills:

1. Network forensics
2. Linux OS/Unix utilization and forensics
3. Windows utilization and forensics
4. SIEM utilization
5. Anomaly detection

Preferred Skills:

• Hands-on experience performing incident detection and analysis in a 24x7 operational environment or educational equivalent.
• Certified Information Systems Security Professional (CISSP) or Associate of (ISC)2 certified/qualified, or ability to actively work towards obtaining certification.
• GIAC Certified Intrusion Analyst (GCIA) or demonstrated skills and ability to obtain certification.

Education/Certifications:

Typically requires 5 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 3 years' experience in computer network defense, computer network exploitation, incident response, computer forensics, malware reversing, cyber intelligence or engineering principles discipline.

The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.

This position requires access to FOMC information, which is limited to Protected Individuals as defined in U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, U.S. permanent residents who are not yet eligible to apply for naturalization and U.S. permanent residents who have applied for naturalization within six months of being eligible to do so.