Albany or NYC
Minimum Qualifications
Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience, including two years of information security or information assurance experience**.
*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
The ideal candidate would possess one or more of the following preferred qualifications:
• Certifications in one or more of the following:
- Cyber Defense (e.g., GCIH, GCED, GSOM, GSOC, GMON, GCDA, GCIA)
- Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
- Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
- Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 3+ years’ experience in the following areas:
- Cyber incident response
- Cyber digital forensics
- log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
- using SIEM technologies to support in-depth investigations
- using computer security investigation tools (e.g., FTK)
• 1+ years’ experience in the following areas:
- computer programming and scripting
- technical writing
- applying and implementing network and/or system security
• Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
• Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.
Duties Description
Under the direction of senior team members within the Chief Information Security Office/Cyber Command Center/Cyber Incident Response Team, the incumbent will respond to cyber-attacks and conduct investigations of cyber security events reported to the Cyber Command Center. Response efforts may include log analysis, malware analysis, network capture analysis, reverse engineering of malicious code, computer forensics, network forensics, and post-intrusion analysis.
The desired candidate should have experience with cyber security, digital forensics, computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, and web application vulnerability assessments. Other desired skills include computer programming, scripting, databases, database queries, and reporting. Excellent written and verbal communication skills are essential.
This position requires off-shift work on an ad-hoc basis and occasional travel. The incumbent will perform incident response and digital forensic activities as part of cyber incident investigations.
Duties include, but are not limited to:
• Supervise and perform incident response and forensic activities related to computer security incidents.
• Administer and utilize specialized computer investigation tools, techniques, and procedures.
• Perform IR coordination efforts with internal and external organizations (i.e., law enforcement or inspector general).
• Collect/seize evidence and maintain chain of custody.
• Perform digital forensic analysis and supervise related tasks for subordinate team members.
• Perform malware analysis and supervise related tasks for subordinate team members.
• Perform log analysis and supervise related tasks for subordinate team members.
• Identify elements discovered during investigations for their potential use as evidence to prove a crime or other violation has been committed.
• Perform all phases of research, maintenance, and support of digital forensics lab infrastructure. This will include, but is not limited to, evidence handling, tracking evidence inventory, and setting up and maintaining appropriate hardware and software tools to facilitate incident response and digital forensics and to support ongoing research, including malware analysis and reverse engineering, etc.
• Create written technical reports and executive summaries related to cyber security incidents, events and metrics.
• Review work products from subordinate team members.
• Develop written standard operating procedures and related processes, and establish workflows to enhance productivity for the Cyber Incident Response Team.
• Provide training and guidance, and act as a mentor to subordinate team members.
• Interface with executive management as required.
• Perform the full range of supervisory responsibilities.
Additional Comments
Background check and fingerprinting are required.
*Please note, this position may be filled in either Albany or NYC.
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.
Some positions may require additional credentials or a background check to verify your identity.
Human Resources Services - Swan Street Building, Core 4, Floor 1
Notes on Applying
To apply, please submit a resume and cover letter indicating you are applying for Information Technology Specialist 4 (Information Security) Ref #30479. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.
Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.