Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.
*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
•Working knowledge of information security, risk management, security architecture, computer networks, incident response, and vulnerability management.
•3 years of experience in conducting network vulnerability scans, web application scans and vulnerability assessments.
•3 years of experience in computer programming, scripting, secure systems development lifecycle (SSDLC), security architecture, code reviews and application security best practices
•3 years of experience in one or more vulnerability scanning tools, and vulnerabilities management.
Duties Description Under the direction of the Chief Information Security Officer (CISO), the incumbent will act as a lead team member providing information security services to ensure confidentiality, integrity, and availability of Thruway Authority’s information and systems.
This position will be a team lead for vulnerability management program to provide vulnerability scanning services for Thruway Authority. The incumbent will also develop, interpret, and deliver vulnerability scanning reports, and assist with the prioritization and interpretation of vulnerabilities.
Specific duties include, but are not limited to:
•Maintain vulnerability scanning tools including tool configuration, scan configuration, and report generation.
•Perform vulnerability scanning and analysis to help determine scope of risk and prioritization of remediation.
•Oversee the scheduling of scans in coordination with owners and custodians to ensure minimal impact to the operational activities.
•Interpret scan results and determine appropriate remediation steps in coordination with different groups.
•Analyze scans/reports from security scanning tools and other internal security tools related to risks and vulnerabilities.
•Participate in information security risk analysis and risk management processes.
•Acts as information security lead on projects and initiatives to ensure security by design through implementation of the Secure Systems Development Lifecycle (SSDLC).
•Support the implementation of information security procedures and protocols, participates in security risk reviews and remediation activity including producing written reports.
•Assist with incident response activities and remediations.
•Train staff on how to perform vulnerability scanning.
Supervising and/or managing staff and resources, as needed, dedicated to Thruway Authority information security team
Additional Comments This is a CSEA position.
Excellent Benefit Package including:
Paid vacation, personal leave, & sick leave with sick leave incentive pay, thirteen paid holidays with additional five paid floating holidays. Paid jury duty, competitive health, prescription, dental & vision insurance. Excellent retirement plan, & optional Deferred Compensation plan, Flexible Spending Account and more.
The New York State Thruway Authority is an Equal Opportunity Affirmative Action Employer.
New York State Human Rights Law prohibits discrimination based on age, race, creed, color, national origin, sexual orientation, military status, sex, disability, marital status, gender identity, prior arrests, prior conviction records, predisposing genetic characteristics or domestic violence victim status.
The New York State Thruway Authority provides reasonable accommodations to applicants with disabilities. If you need a reasonable accommodation for any part of the application and hiring process, please notify Frances Rosales, Director of Equal Opportunities Bureau at 518-436-2718.
Some positions may require additional credentials or a background check to verify your identity.
Notes on ApplyingPlease fax or scan and e-mail a resume and transcript to Rebecca.Dowd@thruway.ny.gov if you are interested in the position and indicate the vacancy ID of the position you are applying for.