Review Vacancy
Date Posted: 01/24/20
Applications Due: 02/14/20
Vacancy ID: 78338
Position Information
AgencyInformation Technology Services, Office of
TitleInformation Technology Specialist 2 (Information Security) Ref #17344
Occupational CategoryI.T. Engineering, Sciences
Salary Grade18
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $56604 to $71980 Annually
Employment Type Full-Time
Appointment Type Permanent
Jurisdictional Class Non-competitive Class
Travel Percentage 0%
Schedule
Workweek Mon-Fri
Hours Per Week 37.50
Workday
From 9 AM
To 5 PM
Flextime allowed? No
Mandatory overtime? No
Compressed workweek allowed? No
Telecommuting allowed? No
Location
County Albany
Street Address W. Averell Harriman State Office Campus, Building 5, 4th Floor
City Albany
StateNY
Zip Code12207
Job Specifics
Minimum Qualifications Bachelor’s degree* in a cyber security, information assurance, or information technology related field, OR bachelor's degree with 15 credit hours in cyber security, information assurance, or informational technology.
* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience.
Preferred Qualifications
• Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to: certificate in Information Security Fundamentals (e.g., Security+, GSEC, CISF, GISF)
• Working knowledge of:
- Computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
- Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
- Government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
- Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
• 1+ years’ experience in technical writing
• Coursework or experience in the following areas:
- Applying and implementing network and/or system security
- Information security incident response
- Security policy/standard/guideline development, implementation, or interpretation
- Conducting risk assessments and evaluating information technology systems for security controls (Secure Systems Development Lifecycle)
- Compliance assessments, audit support/response, and compliance/audit remediation
Duties Description Under the direction of a Lead Information Security Analyst, ITS 3 [SG 23], within the Chief Information Security Office/Integrated Security Services/Security Services Team the position will be a member of a Security Services Team that provides security services to one or more ITS Portfolios and their client agencies. The incumbent will provide in-depth information security consulting and services aligned with business needs of the client agencies to ensure confidentiality, integrity, and availability of information and systems.
The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.
The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.
Specific duties include, but are not limited to:
• Serve as information security expert, and evaluate systems and contracts for alignment with agency and State information security policies:
- Act as information security liaison to agency and portfolio staff, maintaining close relationships to ensure security services align with business needs;
- Provide information security expertise to information security staff, ITS, and ITS-served agencies on a broad range of information security standards and best practices;
- Act as Information Security Lead on ITS Projects and Initiatives to ensure security by design through implementation of the Secure Systems Development Lifecycle (SSDLC);
- Review the current and proposed architectures to meet security requirements for portfolio-served agencies;
- Assist staff with technical and security issues as necessary;
- Develop and maintain familiarity with client agency business functions and requirements;
- Develop and maintain expertise in cyber security compliance domains including, but not limited to, FISMA, NIST SP 800-53 and other 800 series guidelines, IRS Pub 1075, PCI DSS, HIPAA, HITECH;
- Develop and maintain expertise in cyber security frameworks including, but not limited to, CIS Top 20 CSC, NCSF, and ISO/IEC 27000 series.
• Support the management and resolution of security threats to agency information systems:
- Assist with implementing information security incident response plans, and reports;
- Assist with response to potential security incidents;
- Escalate security concerns and report incidents to the applicable entities for review and action.
• Implement information security and compliance programs:
- Participate in the development, interpretation, review and communication of NYS information security policies, procedures and standards;
- Assist with analyzing the impact of proposed policy and legislation as they pertain to information systems and makes recommendations as appropriate;
- Support the implementation of information security procedures and protocols and participates in security risk reviews and remediation activity including producing written reports;
- Write progress reports to management and users outlining what was done, what needs to be done and timeframes for accomplishing tasks.
• Monitor and stay aware of information security industry trends, tools and techniques:
- Represent the agency at internal and external information security meetings and conferences to maintain awareness, and evaluates the applicability of the latest information security techniques and tools to the agency’s security program;
- Collaborate with peers to develop a multilayered and adaptive approach to counter a dynamic information security threat environment;
- Research relevant laws and regulations in consultation with agency counsel that could affect the security controls and classification of information assets and approves adjustments to meet legal and regulatory requirements.
• In addition:
- Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
Additional Comments Approval to fill this position is pending with Division of the Budget (DOB). Background check and fingerprinting are required.
Some positions may require additional credentials or a background check to verify your identity.
Contact Information
Name Amy Sacco
Telephone 518-473-0398
Fax 518-402-4924
Email Address HR.Recruitment.ITS@ogs.ny.gov
Address
Street Office of General Services Human Resources Management
Corning Tower, 26th Floor
City Albany
State NY
Zip Code 12242
Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 2 (Information Security) Ref: #17344. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.
FAQs • How to Get a State Job • Workers with Disabilities (55b/c) • Civil Service Exams
State Agencies: Department of Civil Service • Office of the State Comptroller
OER Link: Employee Unions and Bargaining Units
Exam announcements • General Information about NYS Government
© 2024 NYS Office of Employee Relations
StateJobsNY ℠ 2024 NYS Office of Employee Relations
Accuracy • Privacy • Accessibility • Contact