Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 03/16/23

Applications Due04/06/23

Vacancy ID126462

AgencyInformation Technology Services, Office of

TitleInformation Technology Specialist 3 (Information Security) Ref #30476

Occupational CategoryI.T. Engineering, Sciences

Salary Grade23

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $79325 to $100342 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.50


From 6 AM

To 6 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County To Be Determined

Street Address Harriman State Office Campus Bldg 5, 4th Fl

Albany or NYC

City TBD


Zip Code00000

Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.

*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.

**Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications:
The ideal candidate would possess one or more of the following preferred qualifications:

• Associate’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a comparable IT major such as Computer Science or Computer Systems Engineering, OR 4 or more years experience in Information Security or Information Technology.
• Applicable Information Security certificate(s), including but not limited to:
- Certified Information Systems Security Professional (CISSP)
- Certificate in Information Security Fundamentals (e.g., Security+, GSEC, CISF, GISF)
- Certificate in Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO)
- Certificate in Information Security Risk Management (e.g., CRISC, CAP, GCCC, CCSLP)
• Working knowledge of:
- computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
- government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
- Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
• 4+ years’ experience in the following areas:
- applying and implementing network and/or system security, independently or as part of the responsibilities as an IT professional working in an area such as software development, identity management, networking, or database management.
- technical writing
• 2+ years’ experience in the following areas:
- information security incident response
- security policy/standard/guideline development, implementation, or interpretation
- conducting risk assessments and evaluating information technology systems for security controls (SSDLC)
- compliance assessments, audit support/response, and compliance/audit remediation
• 1+ year experience in the following areas:
- process development and process improvement
- leading an information security team
• Good oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
• Demonstrated skill in facilitating meetings, listening, and negotiating between multiple stakeholders to drive results

Duties Description Under the direction of senior team members within the Chief Information Security Office/Information Security Engineering/Secure Architecture and Engineering section, the position will be a member of a Security Architecture team that provides security services to one or more ITS groups, and other CISO teams. The incumbent may supervise subordinate staff and will act as a lead team member providing in-depth information security consulting and services aligned with business needs of the client agencies to ensure confidentiality, integrity, and availability of information and systems.

The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.

The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.

Specific duties include, but are not limited to:

• Assist in technical security reviews of systems and architecture.
• Identify risks in new and existing system design and architecture.
• Participate in workgroups to develop solutions and standards for IT systems.
• Provide recommendations for secure/hardened configurations of servers, platforms, networks, and other IT systems.
• Assist with resolving security threats to ITS systems.
• Serve as information security expert and evaluate systems and contracts for alignment with agency and State information security policies.
• Supervise staff and resources dedicated to the team.
• Monitor and maintain awareness of information security industry trends, tools and techniques.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
• Assist CISO management with overall management of division activities as needed.
• Perform additional duties as required.

Additional Comments Positions require fingerprinting.

*Please note, this position may be filled in either Albany or NYC.

Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.

Some positions may require additional credentials or a background check to verify your identity.

Name Khalan Cassala

Telephone 518-473-0398

Fax 518-402-4924

Email Address


Street Office of Information Technology Services

Human Resources Services - Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12242


Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security) Ref #30476. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.

Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.

Printable Version