Senior CERT Specialist

About the role

The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City. From delivering affordable broadband to protecting against cybersecurity threats and building digital government services, OTI is at the forefront of how the City delivers for New Yorkers in the 21st century. Follow us on social media @NYCOfficeofTech, and visit www.nyc.gov/oti to learn more. At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology. New York City Cyber Command is seeking a Senior Computer Emergency Response Team (CERT) Specialist to serve the City of New York as an advanced-level cybersecurity Digital Forensics and Incident Response (DFIR) practitioner. Reporting to the CERT Lead and serving as a senior technical authority above CERT Specialists, the Senior CERT Specialist guides the development, enhancement, and deployment of citywide incident response policies, procedures, and capabilities. This role is a primary technical escalation point for high-profile cybersecurity incidents impacting City agencies, particularly during identification, containment, and eradication phases, and provides technical mentorship to junior CERT Specialists. The CERT team engages in malware analysis, digital forensics, campaign assessments, and threat hunts, harmonizing response activities among OTI-Cyber Command, City agencies, state/federal government, and private entities. The Senior CERT Specialist will work alongside internal teams including cyber threat intelligence, counter-threat automation, urban technology, and data science to innovate detection, investigation, response, and remediation methods and capabilities. Responsibilities will include: - Serve as a senior technical escalation point for high-profile cybersecurity incidents, supporting the CERT Lead in ensuring 24x7 operational readiness; - Lead complex incident response engagements end-to-end, coordinating activities among City departments, external partners, and state, federal, and private entities; - Provide technical mentorship, peer review, and on-the-job training to CERT Specialists, including guidance on forensic methodology, analytical rigor, and report quality; - Act as a subject matter expert in investigating cybersecurity incidents through advanced log, file, and malware analysis; - Perform and oversee memory, network, disk, and cloud forensics across enterprise environments (AWS, Azure, GCP); - Devise and validate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents; - Lead the development of post-incident action plans and root-cause analyses to improve Mean Time to Detect, Respond, and Recover/Restore; - Design, build, and enhance cyber-incident detection tools, automation, and response capabilities, including custom tooling and detection content; - Partner with cyber threat intelligence teams to operationalize indicators, TTPs, and campaign intelligence into proactive countermeasures and threat hunts; - Design, lead, and facilitate cyber tabletop exercises with City departments to identify capability gaps, procedural weaknesses, and critical infrastructure dependencies; - Contribute to the development, review, and continuous improvement of citywide incident response policies, playbooks, and standard operating procedures; - Assist NYC agencies in maturing their cyber incident response programs through direct consultation and capability assessments; - Maintain current knowledge of cyber threat campaigns, adversary tradecraft, and emerging vulnerabilities, and share that knowledge across the team; - Participate in on-call rotation, which may require rotational weekday/weekend coverage; - Handle special projects and initiatives as assigned. HOURS/SHIFT Day - Due to the necessary technical duties of this position in a 24/7 operation, candidate may be required to work various shifts such as weekends and/or nights/evenings. WORK LOCATION Brooklyn, NY TO APPLY * Interested applicants with other civil service titles who meet the preferred requirements should also submit a resume for consideration Please go to www.cityjobs/jobs/search and search for Job ID #781696 SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVAL OTI participates in E-Verify IT SECURITY SPECIALIST - 95622 A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or, Education and/or experience which is equivalent to "1" above. The City of New York is an inclusive equal opportunity emplo