Albany or NYC
Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology.
*Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
• Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field.
• Certificate in Information Security Fundamentals (e.g., Security+, GSEC, CISF, GISF)
• 1+ years’ experience in technical writing
• Possess a working knowledge of:
- Computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting.
- Government security and privacy mandates/regulators compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
- Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
- Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 27000 series)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.
Duties Description Under the direction of a Lead Information Security Analyst, Information Technology Specialist 3 (Information Security), SG-23, within the Chief Information Security Office/Integrated Security Services/Security Services Team, the position will be a member of a Security Services Team that provides security services to one or more ITS Portfolios and their client agencies. The incumbent will provide in-depth information security consulting and services aligned with business needs of the client agencies to ensure confidentiality, integrity, and availability of information and systems.
The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.
The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.
Specific duties include, but are not limited to:
• Implement information security and compliance programs:
- Participate in the development, interpretation, review, and communication of NYS information security policies, procedures, and standards.
- Support the implementation of information security procedures and protocols and participates in security risk reviews and remediation activity including producing written reports.
- Develop and maintain expertise in cyber security compliance domains and frameworks.
• Support the management and resolution of security threats to agency information systems:
- Assist with implementing information security incident response plans, and reports.
- Assist with response to potential security incidents.
- Escalate security concerns and report incidents to the applicable entities for review and action.
• Serve as information security expert, and evaluate systems and contracts for alignment with agency and State information security policies:
- Act as information security liaison to agency and portfolio staff, maintaining close relationships to ensure security services align with business needs.
- Provide information security expertise to information security staff, ITS, and ITS-served agencies on a broad range of information security standards and best practices.
- Act as Information Security Lead on ITS Projects and Initiatives to ensure security by design through implementation of the Secure Systems Development Lifecycle (SSDLC).
• Monitor and stay aware of information security industry trends, tools, and techniques.
• Perform additional duties as required.
Additional Comments **This posting may be used to fill multiple vacancies.**
Background check and fingerprinting are required.
*Please note, this position may be filled in either Albany or NYC.
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.
Some positions may require additional credentials or a background check to verify your identity.
Swan Street Building, Core 4, Floor 1
Notes on ApplyingPlease submit a clear, concise cover letter and resume, indicating that you are applying for Information Technology Specialist 2 (Information Security) Ref #30473 and Vacancy ID. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.
Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.