Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 05/19/23

Applications Due06/08/23

Vacancy ID131234

AgencyInformation Technology Services, Office of

TitleManager Information Technology Services 1 (Information Security), Ref #30486

Occupational CategoryI.T. Engineering, Sciences

Salary Grade27

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $97826 to $120492 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5


From 6 AM

To 6 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Albany

Street Address Averell Harriman State Office Campus Bldg 5, Fl 4

OR NYC or other locations statewide*

City To be Determined


Zip Code00000

Minimum Qualifications Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.

* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications
• Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field.
• Certifications in one or more of the following:
o Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO)
o Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
o Certified Information Systems Security Professional (CISSP)
• 4+ years’ experience in technical writing
• 3+ years’ experience in the following:
o leading a team in related work.
o applying and implementing network and/or system security.
o information security incident response.
o cyber digital forensics.
o log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o SIEM technologies to support in-depth investigations
o using computer security investigation tools (e.g. FTK).
• 2+ years’ experience in penetration testing.
• Possess a working knowledge of the following:
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
o network security solutions (e.g., intrusion detection/prevention systems, firewalls)
o system administration.
o vulnerability management.
o computer programming and scripting.
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.

Duties Description Under the direction of the senior team members within the Chief Information Security Office/Cyber Command Center/Cyber Incident Response Team (CIRT), the position will manage and perform incident response and digital forensic activities as part of cyber incident investigations. The incumbent is responsible for directing, supervising, and engaging in cyber incident response and digital forensics and a team lead, and assisting with the management and support of the CIRT. The incumbent will ensure coordination of processes between all staff under their purview and will engage in activities to protect and defend New York State’s infrastructure. In addition, the position will act as a liaison to other stakeholders to ensure that systematic activities follow NYS policy and standard and are coordinated among required teams.
The position requires analytical expertise and experience related to cyber security threats and protective measures. The incumbent must demonstrate attention to detail and critical thinking and must be able to communicate clearly with subordinate staff regarding work priorities and performance. The selected candidate will have to work with other CIRT and IT teams and upper-level management to resolve technically complex and politically sensitive issues under pressure. The incumbent will be expected to be available during off-shift hours to manage response to cyber-attacks and intrusions and is expected to work without direct supervision.

Duties include, but are not limited to:
• Manage, supervise, and engage in cyber incident response and digital forensic activities as a team lead:
o Serve as subject matter expert in cyber security incident response.
o Manage, supervise, and perform in-depth analysis (e.g., logs analysis, packet capture analysis, malware reverse engineering) during cyber investigations and oversees related tasks for subordinate team members.
o Coordinate response efforts with internal (e.g., HR, Legal) and external organizations (e.g., law enforcement, inspector general).
o Ensure establishment of root cause and remediation recommendations.
o Perform root cause validation to confirm risk and impact of compromise by modeling adversary attack methods against a defined system.
o Select and master the use of specialized computer investigation tools (e.g., Encase, FTK data), techniques, and procedures.
o Oversee and participate in analysis of digital evidence including laptop, desktop, servers, phones etc. and production of forensic reports with documented findings.
o Ensure the proper collection, seizure, and handling of digital or physical evidence while maintaining and documenting an appropriate chain of custody to maintain integrity.
o Identify elements discovered during investigations for their potential use as evidence in criminal or other investigations.

• Assist with the management and support of the CIRT:
o Manage staff and resources dedicated to the team and section.
o Monitor work progress and manage workload assignments of the team.
o Perform all phases of maintenance and support of digital forensics lab infrastructure and manage related tasks for subordinate team members. This will include but not limited to evidence handling, tracking evidence inventory, configuring network equipment, updating software etc.
o Ensure the development, maintenance, and adherence to written standard operating procedures and related processes.
o Ensure the development, maintenance, and adherence to workflows to enhance productivity of the unit.
o Oversee and participate in creation of written technical reports and executive summaries related to cyber security incidents and events.
o Monitor external data sources to maintain currency of threat condition and potential impact on enterprise.
o Provide training and guidance and act as a mentor to subordinate team members.
o Develop and maintain operational metrics related to quality, accuracy, and timeliness of incident response efforts.
o Develop and deliver presentations regarding cyber security threats and response and remediation efforts.

• Perform the full range of administrative supervisory responsibilities.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
• Support CISO project initiatives and all other projects as assigned.

Additional Comments Background check and fingerprinting are required.

*Please note, this position may be filled in either Albany, NYC, or other locations statewide.

Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.

Some positions may require additional credentials or a background check to verify your identity.

Name Khalan Cassala

Telephone 518-473-0398

Fax 518-402-4924

Email Address


Street Office of IT Services Human Resources Management

Empire State Plaza, Swan Street Building, Core 4, 1st Floor

City Albany

State NY

Zip Code 12242


Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for Manager Information Technology Services 1 (Information Security), Ref #30486 and vacancy ID. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.

Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.

Printable Version