Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.

Review Vacancy

Date Posted 11/27/23

Applications Due12/11/23

Vacancy ID144834

AgencyState Comptroller, Office of the

TitleInformation Technology Specialist 2 (Information Security), Item 00544

Occupational CategoryI.T. Engineering, Sciences

Salary Grade18

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $63108 to $80248 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 8 AM

To 4 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? Yes

County Albany

Street Address Office of the New York State Comptroller

110 State Street

City Albany

StateNY

Zip Code12236

Minimum Qualifications Bachelor’s degree* with 15 credit hours in Cyber Security, Information Assurance, or Information Technology OR bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology, requires an additional year of general information technology experience to qualify. **

*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year for-year basis; an associate's degree requires an additional two years of general information technology experience.

**Experience solely in information security or information assurance may substitute for the general information technology experience.

Duties Description • Perform security event monitoring and network traffic analysis using a Security Information and Event Management (SIEM) system and Microsoft Defender for Cloud Apps.
• Prioritize and differentiate between potential security events and false positives.
• Escalate priority security events to the Computer Security Incident Response Team (CSIRT) per standard operating procedures.
• Assist with the ongoing maintenance of the SIEM technology including, but not limited to, daily/weekly checklists and identifying and resolving issues.
• Assist incident responders to investigate and resolve computer security incidents.
• Research current vulnerabilities, attacks, and analysis techniques.
• Research current vulnerabilities, attacks, and analysis techniques.
• Perform incident handling activities to assist with the response to security incidents.
• Perform incident response activities including, but not limited to, investigating security incidents, performing threat analysis, and providing guidance/recommendations.
• Perform proactive incident response activities to detect potential security incidents.
• Research new digital forensic and incident response tools, techniques, and methodologies.
• Perform phishing email triage on reported suspicious emails.
• Perform and continuously improve proactive techniques to identify security events within the IT infrastructure.
• Assist with the vulnerability management process.
• Perform compliance activities for the vulnerability management process.
• Perform analysis and provide guidance on vulnerabilities disclosures, vulnerabilities reports, and internal assessments.
• Communicate exposed vulnerabilities to assist with proactive investigative activities to verify if any exposed vulnerabilities were taken advantage of by attackers.
• Review and perform analysis on vulnerability scanning results.
• Perform security compliance reviews and assessments.
• Write security articles related to issues important to OSC.
• Research security best practices for articles to include on the Information Security Office (ISO) website.

Additional Comments Knowledge, Skills, and Abilities:
• Working knowledge of:
a. Information security, offensive security, network vulnerability assessments, web application vulnerability assessments, and vulnerability scanning.
b. Networking, routers, firewalls, and operating systems.
• Ability to maintain sensitive and confidential information.
• Excellent verbal and written communication skills, including the ability to clearly articulate information technology and information security concepts.
• Strong analytical thinker with excellent troubleshooting and problem-solving skills.

Telecommuting:
The Office of the New York State Comptroller (OSC) supports telecommuting where it is reasonable to do so based upon the agency’s mission and operational needs. Generally, employees new to OSC will be restricted from telecommuting for at least 8 calendar weeks. After the initial 8 calendar week restriction, if an employee’s duties and work performance are aligned with telecommuting they may be allowed to do so. Upon approval to telecommute, OSC employees may telecommute up to 5 days per pay period.

Some positions may require additional credentials or a background check to verify your identity.

Name Erin M. Zielinski

Telephone (518) 474-1924

Fax (518) 486-6723

Email Address recruit@osc.state.ny.us

Address

Street Office of Human Resources

110 State Street, 12th Floor

City Albany

State NY

Zip Code 12236

 

Notes on ApplyingSubmit a clear, concise cover letter, resume, and a completed copy of this template: https://osc.ny.gov/files/Jobs/docs/00544-information-technology-specialist-2-info-sec-mq-template-112023.docx via email to recruit@osc.ny.gov no later than December 11, 2023. Documents must be sent as unlocked and accessible attachments.
Reference Item?#00544 - EMZ?in the subject line of your email and on your cover letter for proper routing.

Important Notes: To access the required template, copy the link above and paste it into your web browser, then download, complete, and save to submit with your email response. You MUST complete the linked template in full to demonstrate you meet the minimum qualifications for this position. Interview selection is based SOLELY on the information you provide in this document, incomplete or vague information will not be viewed in your favor.

If you have questions about this vacancy, please contact this Division representative:
Division contact: Lisamarie Astarita, CIO_HR@osc.ny.gov

When responding, please include the reference number from this section only. The StateJobsNY Vacancy ID # should not be included.

Printable Version