Senior Cyber Security Analyst (IAM)
White Plains, US
Full Time Senior-level / Expert USD 108K - 140K
New York Power Authority
Summary
The Senior Cyber Security Analyst – Identity and Access Management, in conjunction with the Identity and Access Management Program Lead and organizational business units, is responsible for the delivery and support of NYPA’s critical identity infrastructure. Ensures the confidentiality, integrity, and availability of NYPA information through the establishment of security controls, governance instruments (policies, standards), and associated identity processes. Facilitates the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong IAM program that balances access with compliance and confidentiality.
- Collaborate with the IAM Program Lead on the design, implementation and management of key IAM systems (Active Directory, Azure, PAM)
- Enforce the principle of least privilege, ensuring users only have access to what they need
- Work closely with Cyber Governance teams on the development and maintenance of IAM policies and procedures to ensure compliance with NYPA Cyber standards and policies
- Oversee user account lifecycle, including provisioning, updates, deactivation, and deletion
- Collaborate with key NYPA Cyber Operations team members to investigate and troubleshoot IAM-related incidents to identify root causes and prevent future occurrences
- Identity management familiarity in one or more of the following areas
- Industry leading Privileged Access Management (PAM) solutions, specifically Privilege Cloud Implementations
- Safe Design and Account Privileged Account onboarding
- Experience with Customer Identity Management Solutions preferred
- Familiarity with Access Management concepts with industry leading Multi-Factor authentication and passwordless authentication solutions
#LI-JP1
Responsibilities
- Ensure the development, implementation and refinement of security policies, procedures, and programs to protect the New York Power Authority’s Information Technology cyber assets and enterprise digital ecosystem on premise and in cloud which include computers, networks, telecommunications equipment, data centers, and firewalls.
- Develop recommendations for IT Solutions based on business requirements; includes understanding and documenting business needs.
- Develop, implement, and monitor and enforce appropriate cyber security policies and standards pertaining to security, account access and control, incident and escalation reporting, intrusion detection, data protection and threat vulnerability management.
- Threat and vulnerability management, remediation, and oversight.
- Cyber Security Awareness and Education program management.
- Assist with the configuration of and monitoring health of NYPA Cyber Security Services and Technologies.
- Create, maintain, and manage documentation on cyber security assets, tools, and software.
- Collaborate with other IT disciplines as necessary to achieve Cyber Security outcomes.
Knowledge, Skills and Abilities
- Strong understanding of interactions of applications, operating systems, and hardware configurations to produce high quality technically sound solutions.
- Robust understanding of IT industry trends and tools as they apply to providing solutions to stated business issues and opportunities.
- Comprehensive understanding of the IT system infrastructure and network topology, familiarity with cyber security strategies and Security Information and Event Management (SIEM) tools.
- Strong knowledge of cyber security policies and practices found throughout both the public and private sectors.
- Ability to understand and communicate complex IT security and policy planning.
- Demonstrated analytical problem-solving skills and practical cyber security experience.
- Ability to communicate complex technical and security related concepts to a broad range of technical and non-technical staff.
- Demonstrated ability to assist in managing complex projects as required.
Education, Experience and Certifications
- Associate's Degree / Military Veteran required with minimum 7 years of experience in Information Technology or Cyber Security
Preferred Education/Experience:
- Bachelor’s degree with minimum 5 years of experience in Information Technology
- Industry Certification such as CISSP or CISM certification, or equivalent
Physical Requirements
May be required to respond Cyber Security alerts and communicate during off hours.
The New York Power Authority is committed to providing fair, competitive, and market-informed compensation. The target salary range for this position is: $108,060.00 - $140,000.00. The salary offered will be determined based on the successful candidates’ relevant experience, knowledge, skills, and abilities.
The New York Power Authority and Canal Corporation believes that diversity, equity, and inclusion drive our success, and we encourage women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents and veterans to apply. As an equal opportunity employer, NYPA/Canals is committed to building inclusive, innovative work environments with employees who reflect communities across New York and enthusiastically serve them. We proudly celebrate diversity and do not discriminate based on race/color, creed/religion, national origin, citizenship or immigration status, age, disability, military status, gender/sex, sexual orientation, gender identity/expression, pregnancy and related conditions, familial/marital status, domestic violence victim status, predisposing genetic characteristics, arrest/criminal conviction record or any other category protected by law.
NYPA/Canals will also provide reasonable accommodations during the hiring process related to candidates’ disabilities, pregnancy-related conditions, religious observances/practices and/or domestic violence concerns. To request an accommodation, please email accessibility@nypa.gov.
Tags: Active Directory Azure CISM CISSP Cloud Compliance Firewalls Governance IAM Intrusion detection Monitoring SIEM Vulnerability management
Perks/benefits: Competitive pay Equity
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs