Specialist Cybersecurity SOC Analyst

About the position

The Specialist Cybersecurity SOC Analyst plays a crucial role in maintaining the security posture of the Metropolitan Transportation Authority's (MTA) Information Technology (IT) and Operational Technology (OT) infrastructure. This position is part of a 24/7 Security Operations Center (SOC) that continuously monitors cybersecurity alerts and events. The analyst is responsible for identifying suspicious activities, vulnerabilities, and potential threats across various attack vectors, escalating incidents, and recommending or deploying mitigation tactics. The primary objective is to safeguard the MTA's critical infrastructure and sensitive information from cyber threats posed by cybercriminals or malicious insiders. In this role, the analyst will utilize multiple data analytics tools, including Security Information and Event Management (SIEM), User and Entity Behavior Analytics (UEBA), and Artificial Intelligence (AI) technologies, to conduct thorough analyses. The analyst will collaborate with security engineers, architects, developers, vendors, and business units to enhance the overall security posture of the MTA. The position requires a focus on specific domains within cybersecurity, allowing the analyst to proactively and reactively detect, protect, and advise the organization on security matters. The responsibilities include conducting security monitoring and intrusion detection analysis using various technologies, providing incident response support, performing threat hunting across diverse environments, and identifying tactics, techniques, and procedures (TTPs) of potential threats. The analyst will also document formal incident reports, validate incident response plans, and compile data for management reporting. This role may require working outside of normal hours to support the 24/7 operations and may involve travel to other MTA locations or external sites.