Review Vacancy
AgencyInformation Technology Services, Office of
TitleInformation Technology Specialist 3 (Information Security) Ref #18751
Occupational CategoryI.T. Engineering, Sciences
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $77770 to $98372 Annually
Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.
*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
Preferred Qualifications:
• Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 2+ years’ experience in technical writing
• 1+ years’ experience in the following areas:
o Applying and implementing network and/or system security.
o Information security incident response.
o Cyber digital forensics.
o Log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o Using SIEM technologies to support in-depth investigations
o Using computer security investigation tools (e.g. FTK).
Working knowledge of:
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
o network security solutions (e.g., intrusion detection/prevention systems, firewalls)
o system administration
o vulnerability management
o computer programming and scripting
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
Duties Description Under the direction and support of senior team members within the CISO/Integrated CyberCommand Center/Threat Detection and Analysis section, the position will be a member of the team that is responsible for advanced security event detection and threat analysis activities. The incumbent will perform research and analysis of security events, implement and test new IDS/IPS rules, and utilize the SIEM platform to efficiently search for indicators of compromise and events across multiple log sources.
The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.
Specific duties include, but are not limited to:
• Perform analysis of security events/incidents, traffic anomalies, and suspicious traffic/behavior;
• Configure, tune, and test new IDS/IPS rules based on in-depth security analysis, emerging threats, and previous incidents;
• Conduct proactive and reactive threat and vulnerability research, intelligence gathering and analysis, and provide recommendations as necessary;
• Configure and tune Security Information Event Management (SIEM) platform to validate log sources, eliminate noise and false positives, and distill intelligence feeds
• Configure SIEM with custom alert schema, reports, dashboards and use cases based on trends and data models relevant to the current threat landscape
• Assist staff, customers, and partners in technical problem resolution, as necessary;
• Provide direction and support to security engineering staff to perform more complex security analysis, design, and implementation;
• Lead moderately complex security projects as assigned;
• Maintain a working knowledge of information security best practices;
• Support CISO project initiatives and all other projects as assigned
Additional Comments Background check and fingerprinting are required.
Some positions may require additional credentials or a background check to verify your identity.
Email Address HRresumes@ogs.ny.gov
Address
Street NYS Office of General Services, Human Resources Management
Empire State Plaza, Corning Tower, Floor 26
Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security) Ref: #18751. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.