Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 07/22/21

Applications Due08/01/21

Vacancy ID89176

AgencyInformation Technology Services, Office of

TitleManager Information Technology Services 1 (Information Security) Ref #16845

Occupational CategoryI.T. Engineering, Sciences

Salary Grade27

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $90375 to $111316 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5


From 9 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Albany

Street Address 201 Fuller Road, Flr 2

City Albany


Zip Code12203

Minimum Qualifications Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.

* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications
• Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certified Information Systems Security Professional (CISSP)
o Certificate in Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO)
o Certificate in Information Security Risk Management (e.g., CRISC, CAP, GCCC, CCSLP)
• Working knowledge of:
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
o government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o business intelligence, data analysis, data modeling, data visualization, and data presentation
o Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
o IT Management Frameworks (ITIL, COBIT)
• 4+ years’ experience in technical writing
• 3+ years’ experience in the following areas:
o leading an information security team
o applying and implementing network and/or system security
o information security incident response
o security policy/standard/guideline development, implementation, or interpretation
o conducting risk assessments and evaluating information technology systems for security controls (SSDLC)
o compliance assessments, audit support/response, and compliance/audit remediation
• 1+ year experience in the following areas:
o developing metrics and key performance indicators
o process development and process improvement
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
• Demonstrated skill in facilitating meetings, listening, and negotiating between multiple stakeholders to drive results

Duties Description Under the direction of a Senior Information Security Officer, MITS 2 [SG 29] or MITS 2 [M3], within the Chief Information Security Office/Integrated Security Services/Security Services Team the position will lead a Security Services Team that provides security services to one or more ITS Portfolios and their client agencies. The incumbent will lead their team in providing in-depth information security consulting and services aligned with business needs of the client agencies to ensure confidentiality, integrity, and availability of information and systems.

The position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent must be able to communicate clearly with subordinate staff regarding work priorities and performance. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.

The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.

Specific duties include, but are not limited to:
• Manages and implements information security and compliance programs.

• Manages and resolves security threats to agency information systems.

• Serves as information security expert, and evaluates systems and contracts for alignment with agency and State information security policies.

• Manages staff and resources dedicated to the Security Services Teams.

• Monitors and stays aware of information security industry trends, tools and techniques.

• In addition:
o Maintains an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security;
o Assists CISO management with overall management of division activities as needed;
o Performs additional duties as required.

Additional Comments Approval to fill this position is pending with Division of the Budget (DOB). Background check and fingerprinting are required.

Some positions may require additional credentials or a background check to verify your identity.

Name Louise C. Nails

Telephone 518-473-5282

Fax 518-402-4924

Email Address


Street Office of General Services, Human Resources Management

26th Floor, Corning Tower

City Albany

State NY

Zip Code 12242


Notes on ApplyingTo apply, please submit a resume and cover letter to Louise C. Nails, indicating that you are applying for Manager Information Technology Services 1 (Information Security) Ref: #16845. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.

Printable Version