StateJobsNY

NY HELPNo

AgencyInformation Technology Services, Office of

TitleInformation Technology Specialist 4 (Information Security) Ref #18753M

Occupational CategoryI.T. Engineering, Sciences

Salary Grade25

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $88161 to $111111 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.50

Workday

From 9 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Albany

Street Address Albany - CNSE-ZEN, 201 Fuller Rd., Flr 2

City Albany

StateNY

Zip Code12207

Minimum Qualifications bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience, including two years of information security or information assurance experience**.

*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general
information technology experience.

**Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications:

• Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 3+ years’ experience in technical writing
• 2+ years’ experience in the following areas:
o penetration testing and applying offensive security techniques.
o computer programming and web application development.
o developing scripts and code to exploit weakness in computer systems.
o IT systems administration.
o support and management of computer networks, intrusion detection systems, routers, firewalls, operating systems.
o conducting web application and network vulnerability assessments.
o applying and implementing network and/or system security.
o information security incident response.
o cyber digital forensics.
o log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o using SIEM technologies to support in-depth investigations
o using computer security investigation tools (e.g. FTK).
• Working knowledge of:
o government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills.

Duties Description Under the direction and support of senior team members within the CISO/Integrated CyberCommand Center/Red Team, the position will be a member of the team that is responsible for advanced security testing of systems and applications, support and management of the secure lab environment, and the automation of processes within the CyberCommand Center. The incumbent will assist in security reviews, perform penetration testing using "offensive security" and other techniques that are often employed by an adversary. The incumbent will also participate in the automation of CyCom processes, the management and support of the CyCom secure lab environment, and the development of cyber security training materials.
The ideal candidate would have experience with cyber security, offensive security, penetration testing, computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerabilities, and web application vulnerabilities. Other desirable skills include computer programming, scripting, databases, database queries, and reporting. Excellent written and verbal communication skills are essential. This position requires off-shift work on an ad-hoc basis and occasional travel.
Specific duties include, but are not limited to:
• Perform advanced computer security testing of systems and applications for ITS and its client agencies using specialize testing tools, techniques, and procedures.
• Create technical reports with both deep technical details and executive summary information.
• Participate in the development and improvement of CyCom automation activities.
• Create training materials and standard operating procedures for the Red Team.
• Manage and support the CyCom secure lab environment, including all hardware, software, and networking.
• Assist the Cyber Incident Response Team with digital forensics and incident response activities, as needed.
• Perform additional duties as assigned.

Additional Comments Background check and fingerprinting are required.

All Office of Information Technology Services (ITS) employees are required to provide proof of vaccination status through a secure online portal, if vaccinated. Unvaccinated employees may be required to submit weekly tests.

New York State is an equal opportunity employer.

Some positions may require additional credentials or a background check to verify your identity.

Name Louise C. Nails

Telephone 518-473-5282

Fax 518-402-4924

Email Address HRresumes@ogs.ny.gov

Address

Street Office of General Services, Human Resources Management

26th Floor, Corning Tower, ESP

City Albany

State NY

Zip Code 12242

Notes on ApplyingTo apply, please submit a resume and cover letter indicating you are applying for Information Technology Specialist 4 (Information Security) Ref: #18753M. In your cover letter, please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.