Review Vacancy
TitleInformation Technology Specialist 3 (Information Security)
Occupational CategoryI.T. Engineering, Sciences
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $90681 to $113650 Annually
Duties Description The Information Security and Data Privacy Office at NYSIF strives to protect the agency from the ever-growing cyber threats. Additionally, the team helps ensure NYSIF is protecting the privacy and security of our customers/employees and stays compliant with the required laws and regulations.
• Participates in the development, interpretation, review and communication of information security policies, procedures, and standards.
• Monitors information security compliance and recommends improvements.
• Supports the implementation of information security procedures and protocols and participates in security risk reviews and remediation activity including producing written reports.
• Works with internal and external partners on information security issues.
• Plans and conducts outreach programs and activities to increase cyber security awareness.
• Builds/maintains Business Continuity and Disaster Recovery documentation.
• Tracks and reports out on all security related project portfolio tasks.
• Administers or verifies training to agency employees, contractors, and third parties, as appropriate, on their responsibilities to protect agency IT and information assets.
• Develops and champions information security awareness activities.
• Supports the management and resolution of security threats to agency information systems.
• Participates in information security risk analysis and risk management processes with business and IT units.
• Collects and maintains third party vendors information for reviewing, reporting, and tracking purposes.
• Monitors external databases like the vendor risk application.
• Participates in the identification and modeling of new threat scenarios to provide proactive defensive measures to technical teams for mitigation of risk.
• Participates in the continuous monitoring and protection of third party-vendor resources and determines events that require investigation and response.
• Supports the implementation and improvement of information security incident response plans and reports.
• Participates in the investigation of alleged information security violations, follows agency procedures for referring the investigation to other investigatory entities (e.g., law enforcement, and State and federal oversight agencies), and responds to requests for information from external investigators.
• Reviews contract, service level agreement, memorandum of understanding language and other documents to verify that they meet information security needs and requirements and align with agency and State information security policies.
• Provides information security expertise, advice, and recommendations to agency executives on a broad range of information security matters.
• Keeps abreast of relevant laws and regulations that could affect the security controls and classification of information assets and communicates legal and regulatory requirements.
• Represents the Information Security and Data Privacy office at internal and external information security meetings and conferences to maintain awareness and evaluates the applicability of the latest information security techniques and tools to the agency’s security program.
Minimum Qualifications For non-competitive appointment:
• Five years of information technology, cybersecurity, or information assurance experience*.
*A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience.
*An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.
*A master’s degree or higher in computer science or related field substitutes for one year of required experience.
Reinstatement:
• Candidates who have held Information Technology Specialist 3 (Information Security) title, may be eligible for consideration for reinstatement.
Preferred Qualifications:
• Two years or more of cybersecurity or data privacy experience.
• One or more certifications in data privacy and/or cybersecurity.
Please be advised that the New York State Insurance Fund (NYSIF) does not offer sponsorship for employment visas to employees or potential employees. Candidates sponsored for employment by an organization should be aware of their sponsorship status and the relevant expiration date(s) of that sponsorship before applying to this position. NYSIF is not currently enrolled in eVerify, which is a requirement for certain types of employment verifications.
Additional Comments Please note, the salary range displayed includes special salary treatments, such as location pay.
For candidates new to NYS, the starting salary for this position will be the bottom of the range displayed and is not subject to negotiation. For candidates that are current NYS employees, salaries are calculated in accordance with NYS Civil Service Law, OSC Payroll rules and regulations, and negotiated union contracts.
Fringe Benefits:
• Competitive compensation
• Future career growth potential
• Open and supportive team-based environment
• Plentiful vacation, personal, and sick time off
• Paid state and federal holidays
• Affordable health insurance plans
• Dental and vision benefits provided at no additional cost
• Retirement options
• Public Student Loan Forgiveness (PSLF)
• Possibility of telecommuting, flextime, and Alternative Work Schedules (AWS)
About NYSIF:
For more information about NYSIF, including our mission, commitment to diversity, equity, and inclusion, and efforts to fulfill Executive Order 31, please visit www.nysif.com.
If you are a person with a disability and wish to request that a reasonable accommodation be provided for you to participate in a job interview, please send an email to NYSIF’s Reasonable Accommodations mailbox at ra@nysif.com.
#li-dni
Some positions may require additional credentials or a background check to verify your identity.