Counter Threat Automation (CTA) Engineer Intern
ABOUT NEW YORK CITY CYBER COMMAND
New York City Cyber Command (NYC3) is committed to protecting City systems that provide vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.
As the organization defending the largest municipality in the country, NYC3 is charged with directing citywide incident response, setting citywide cybersecurity policies and standards, and working with city agencies to strengthen their cyber defenses.
The Counter Threat Automation - Content Engineering Intern within NYC Cyber Command (NYC3) performs many critical functions within the Threat Management discipline. Chief among these functions is providing the key verticals of the Threat Management team with adequate support and proactive development and deployment of security-driven content. Security-driven content should enable improvement of the security posture and of the quality of alerts and detections. This role is explicitly for a content engineering intern with an interest in data correlation and content engineering, as well as in developing and deploying security content to improve the security posture of tools, technologies, and processes.
The expected responsibilities are as follows:
- Design and implement solutions that enhance the security posture of tools across multiple platforms;
- Develop security content for tools and technologies that the Threat Management team relies on to ensure business-as-usual functioning;
- Integrate innovative and custom technology to improve the accuracy of alerts and notifications received by teams within Threat Management;
- Create well-documented and clearly articulated code, process, and services documentation;
- Understand REST and SOAP API usage and implement solutions, using the APIs of the solutions NYC3 uses, that enhance the detection and response capabilities of NYC3 Threat Management;
- Proficient in Python;
- Experience building security-driven content on key infrastructure such as email appliances, endpoint platforms, and network appliances including firewalls, proxies, and IPS/IDS systems;
- Experience using Next-Gen SIEMs such as Splunk and Elastic to create rules and alerts;
- Experience building correlation rules and alerts on log management platforms;
- Experience building policies and rules on email and network platforms;
- Proficient in git version control and git life-cycle development;
- Excellent verbal and written communication skills are required.
MINIMUM QUALIFICATION REQUIREMENTS
All candidates must be enrolled in a degree-bearing program at an accredited institution.
- A basic understanding of the Agile development model.
- Basic proficiency in front-end technologies: React.js, CSS3, and HTML5.
- Understanding of fundamental design principles behind scalable applications.
- Understanding of cyber security incident response and willingness to assist in incident response duties.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Due to the current COVID-19 crisis, this opportunity will be remote and unpaid.
Summer internships are full-time internships for students in degree-bearing programs at an accredited institution. This classification of interns must show either proof of their university giving academic credit, or funding from their university or an authorized third party.
The length of the internship cannot exceed 13 weeks and must take place between the start of June and the end of August. Students are required to work a minimum of 17 hours per week.
NYC3 will provide a computer for this internship period; students will be required to have their own internet connectivity.