Position Information

NY HELPNo

AgencyInformation Technology Services, Office of

TitleNYSOC Site Manager, Manager Information Technology Services 2 (Information Security), ref #5729

Occupational CategoryI.T. Engineering, Sciences

Salary Grade29

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $114976 to $140815 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Schedule

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

Location

County Albany

Street Address 31 British American Blvd, Latham

OR NYC or other locations statewide*

City TBD

StateNY

Zip Code00000

Job Specifics

Duties Description Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will provide technical direction, vision, and management oversight of all NYS Security Operations Center (NYSOC) functions and personnel in one of the NYSOC locations. The NYSOC is a team of analysts who serve as the primary point for the intake, triage, response, and escalation of a wide variety of security events for NYS systems statewide. The NYSOC is also responsible for the ingestion and response to all forms of vulnerability announcements and threat intelligence received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence.
This position requires the incumbent to possess an excellent understanding of the current cyber threat landscape, the tactics, techniques, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. This position also requires the incumbent to have a good understanding of the complexity and architecture design commonly employed in large enterprise IT environments. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.
Due to the nature of the work performed by the NYSOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.
Duties include, but are not limited to:
• Lead and manage operations for the assigned location of the NYS Security Operations Center (NYSOC), providing technical direction and support for the NYSOC program.
• Drive the strategic goals for the NYSOC, aligned with the strategic direction of ITS and CISO.
• Participate in and oversee the security event intake, triage, and response process as a subject matter expert in security event analysis.
• Participate in supporting a robust threat intelligence response and threat hunting program within the NYSOC to ensure a timely and effective response to new cyber threats.
• Provide inputs and feedback to appropriately tune the NYSOC tech stack such as SOAR, endpoint detection and response (EDR) tools, antivirus/antimalware, and security incident and event management (SIEM) to improve the quality of generated alerts.
• Ensure the adherence to NYSOC standard operating procedures and performance standards and provide feedback and suggestions for improvement when appropriate.
• Provide support and mentorship to shift leaders and analysts and track their progress in the NYSOC training program to ensure staff have the skills needed to effectively perform the job.
• Review metrics and key performance indicators for NYSOC operations to identify areas for improvement.
• Coordinate with NYSOC sites and work with the operations and customers on cyber security events monitoring, notification, escalation, and containment.
• Perform the full range of supervisory responsibilities.

Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance or information technology and five years of information technology experience, including four years of information security or information assurance experience and three years at a supervisory level or one year at a managerial level.

* Bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred qualifications:
The ideal candidate would possess one or more of the following preferred qualifications:
• Certifications in one or more of the following:
o Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
o Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
o Information Security Management (e.g., CISSP, CISM, CCISO)
• 5+ years’ experience in one or more of the following:
o Working as a senior SOC analyst
o Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
o Using SIEM technologies to support in-depth investigations.
• 3+ years’ experience in one or more of the following:
o Working as a SOC manager or team lead
o Participating in cyber incident response
• Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
• Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.

Additional Comments Background check and fingerprinting are required.


Additional details on work shift will be discussed at time of interview.


*Please note, this position may be filled in either Latham, NYC, or other locations statewide.

Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.

Some positions may require additional credentials or a background check to verify your identity.

Contact Information

Name Charlene Maroni

Telephone 518-473-0398

Fax 518-402-4924

Email Address PostingResponses@its.ny.gov

Address

Street Office of IT Services Human Resources Management

Empire State Plaza, Swan Street Building, Core 4, 1st Floor

City Albany

State NY

Zip Code 12242

 

Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for Manager Information Technology Services 2 (Information Security), Ref#5729 and include the vacancy ID in your subject line. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required in order to confirm eligibility.

Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.