Minimum Qualifications
Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.
*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
• 3 years of experience in security event monitoring and analysis using a Security Information and Event Management system (SIEM).
• Working knowledge of computer networks, intrusion detection systems, routers, firewalls, security devices, and architecture.
• Experience with one or more vulnerability scanning tools, conducting network vulnerability scans, and vulnerability management.
Duties Description
Under the direction of the Chief Information Security Officer (CISO), the incumbent will act as a lead team member providing information security services to ensure confidentiality, integrity, and availability of Thruway Authority’s information and systems.
This position will be a team lead for Cyber Security Operations (SOC) activities to support the management and resolution of security threats to Thruway Authority’s information, involving threat detection, threat intelligence assessment, vulnerability monitoring including vulnerability scanning, remediation strategies, and response to security events and intrusions affecting information assets. The position requires performing information security duties and collaborating with IT and Business Units to identify and respond to threats and risks.
Specific duties include, but are not limited to:
• Participate in the continuous monitoring and protection of technology resources and determine events that require investigation and response.
• Monitor the threat landscape for changes impacting vulnerabilities and assess the risk to Thruway Authority information systems.
• Prioritize and differentiate between potential security events and false positives, and escalate priority security events.
• Perform vulnerability scanning and analysis to help determine scope of risk and prioritization of remediation.
• Perform analysis (e.g., logs, packet capture, reverse engineering) during cyber investigations to establish root cause and provide remediation recommendations.
• Monitor external data sources to maintain currency of threat condition and potential impact on enterprise.
• Support the implementation and improvement of information security incident response plans and reports. Manage the proactive investigative activities to verify exposed vulnerabilities.
• Participate in the identification and modeling of new threat scenarios to provide proactive defensive measures to technical teams for mitigation of risk.
• Manage the collection and documentation of the incident response metrics.
• Perform analysis and provide guidance on vulnerability disclosures, vulnerability reports, and internal assessments.
• Perform effective distribution of security advisories, alerts, notices and bulletins.
• Perform incident handling activities to assist with the response to security incidents and incident response activities, including investigating security incidents and threat analysis.
• Monitor information security compliance and recommend improvements.
• Participate in information security risk analysis and risk management processes.
• Train staff on how to perform security event monitoring and network traffic analysis.
• Supervise and/or manage staff and resources, as needed, dedicated to the Authority information security team.
Additional Comments
This is a CSEA position.
Excellent Benefit Package including:
Paid vacation, personal leave, & sick leave with sick leave incentive pay, thirteen paid holidays with additional five paid floating holidays. Paid jury duty, competitive health, prescription, dental & vision insurance. Excellent retirement plan, & optional Deferred Compensation plan, Flexible Spending Account and more.
The New York State Thruway Authority is an Equal Opportunity Affirmative Action Employer.
New York State Human Rights Law prohibits discrimination based on age, race, creed, color, national origin, sexual orientation, military status, sex, disability, marital status, gender identity, prior arrests, prior conviction records, predisposing genetic characteristics or domestic violence victim status.
The New York State Thruway Authority provides reasonable accommodations to applicants with disabilities. If you need a reasonable accommodation for any part of the application and hiring process, please notify Frances Rosales, Director of Equal Opportunities Bureau at 518-436-2718.
Some positions may require additional credentials or a background check to verify your identity.
Notes on Applying
Please fax or scan and e-mail a resume and transcript to Rebecca.Dowd@thruway.ny.gov if you are interested in the position and indicate the vacancy ID of the position you are applying for.