Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 11/05/19

Applications Due11/16/19

Vacancy ID75752

AgencyInformation Technology Services, Office of

TitleInformation Technology Specialist 3 (Information Security) Ref #18594-18595

Occupational CategoryI.T. Engineering, Sciences

Salary Grade23

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $73284 to $92693 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 9 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? No

County Albany

Street Address CNSE-ZEN, 201 Fuller Rd., Flr 2

City Albany

StateNY

Zip Code12203

Minimum Qualifications Bachelor’s degree* in a cyber security, information assurance, or information technology related field, OR bachelor's degree with 15 credit hours in cyber security, information assurance, or informational technology AND one year of information technology experience**.

* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience.

**Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications
• Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, or a related field.
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• Working knowledge of:
o Computer networks with a strong understanding of networking concepts, protocols, services and operating systems (TCP/IP, UDP, DNS, DHCP, HTTP, SMTP, Windows, UNIX, Linux, etc.)
o Technical security solutions (e.g., intrusion detection/prevention systems, firewalls)
o System administration
o Vulnerability management
o Computer programming and scripting
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)

• 1+ years’ experience in the following areas:
o Applying and implementing network and/or system security
o Information security incident response
o Cyber digital forensics
o Log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o Using SIEM technologies to support in-depth investigations
o Using computer security investigation tools (e.g. FTK)

• 2+ years’ experience in the following areas:
o Technical writing
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills

Duties Description Under the direction of a Supervising Cyber Analyst, Information Technology Specialist 4, SG-25, within the Chief Information Security Office, Cyber Command Center, the position will participate in team efforts to respond to cyber-attacks and conduct investigations of cyber security events reported to the NYS Cyber Command Center. The incumbent will engage in activities to protect and defend New York State’s infrastructure. In addition, the position will act as a liaison to other stakeholders to ensure that systematic activities follow NYS policies and standards and are coordinated with required teams.

The incumbent will be expected to be available during off-shift hours to respond to network attacks and intrusions and is expected to work with little direct supervision.

Specific duties include, but are not limited to:

• Engage in first and second-level analysis, remediation and escalation of cyber events, including:
o Monitor cyber incident hotline, email box and service tickets, and respond to reported events swiftly.
o Perform triage to include determining scope, urgency, and potential impact.
o Track and document events from initial detection through final resolution.
o Supervise related tasks for subordinate team members.

• Engage in cyber incident response activities, including:
o Assist with in-depth analysis (e.g. logs, packet capture, reverse engineering) during cyber investigations.
o Assist in coordinating response efforts with internal (e.g. HR, Legal) and external organizations (e.g. law enforcement, inspector general).
o Help to establish root cause and provide remediation recommendations.

• Engage in digital forensic activities:
o Participate in the collection, seizure, and handling of digital or physical evidence while maintain and documenting an appropriate chain of custody to maintain integrity.

Additionally, the incumbent will:

• Create written technical reports and executive summaries related to cyber security incidents and events.
• Correlate data and performs trend analysis and reporting.
• Perform system programming and scripting required for unit activities and supervise related tasks for subordinate team members.
• Develop written standard operating procedures and related processes.
• Establish workflows to enhance productivity of the unit.
• Develop and deliver presentations regarding cyber security threats, response, and remediation efforts.
• Maintain operational metrics related to quality, accuracy and timeliness of deliverables and performance.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professions Education (CPE) credits directly related to information security.
• Perform the full range of supervisory responsibilities.

Additional Comments Approval to fill this position is pending with Division of the Budget (DOB). Background check and fingerprinting are required.

Some positions may require additional credentials or a background check to verify your identity.

Name Krina Homrighaus

Telephone 518-473-0398

Fax 518-402-4924

Email Address HR.Recruitment@its.ny.gov

Address

Street Empire State Plaza, Swan Street Building, Core 4

PO Box 2062

City Albany

State NY

Zip Code 12220

 

Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security) Ref: #18594-18595. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.

Printable Version