Indicates whether if this vacancy posting is part of the NY HELPS Program.NY HELPNo

The agency in which the vacancy exists.AgencyInformation Technology Services, Office of

The job title for the vacancy.TitleNYSOC Tier 1 Analyst (Rochester), Information Technology Specialist 3 (Information Security), SG-23, ref #8184R

The job title for the vacancy.Occupational CategoryI.T. Engineering, Sciences

The salary grade for this vacancy. Salaries are determined by salary grade and bargaining unit.Salary Grade23

The collective bargaining unit to which this vacancy is assigned.Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

The minimum and maximum of the salary range for this vacancy.Salary RangeFrom $84156 to $106454 Annually

Indicates whether this job is full-time or part-time. If the job is part-time, an estimated percentage will be provided. Employment Type Full-Time

This indicates the type of job, typically permanent, temporary, or provisional. 'Provisional' means that the appointment will be temporary until the incumbent takes and passes an appropriate civil service examination. Appointment Type Contingent Permanent

Jurisdictional class is the indicator for how this job can be filled. The classified service is governed by the Civil Service Commission, and consists of competitive, non-competitive, exempt, and labor classes. 'Competitive class' indicates that the applicant must take and pass an appropriate civil service examination. 'Non-competitive class' indicates that the applicant's qualifications will be evaluated without a civil service examination. 'Exempt class' indicates that the applicant will be evaluated by methods other than competitive or non-competitive, and that incumbents will not be granted tenure. 'Labor class' requires that applicants possess skills or other physical characteristics that cannot effectively be evaluated by other means. The unclassified service is legislatively defined, and includes such positions as elected officials, department and agency heads, and all academic personnel in public schools, colleges, and universities. Jurisdictional Class Non-competitive Class

Estimates the percentage of time incumbents of this vacancy will be required to travel. Travel Percentage 0%

This provides information on the expected workweek. Workweek Other (see below)

If 'other' is selected as the workweek type, this field explains what that schedule is. "Other" Explanation Multiple shifts being filled for 24x7x365 operations <br />Additional details on work shift will be discussed at time of interview

The number of hours in the workweek, typically 37.5 or 40 for full time, or any other number for part time.Hours Per Week 37.50

Workday

The start time for this vacancy. If the agency employs flextime, this will be the earliest time this vacancy's shift can start. From 8 AM

The end time for this vacancy. If the agency employs flextime, this will be the latest time this vacancy's shift can end. To 5 PM

If checked, the agency allows flextime. Flextime allowed? No

If checked, this vacancy includes mandatory overtime. Mandatory overtime? No

If checked, this agency allows compressed workweek scheduling. Compressed workweek allowed? Yes

If checked, this agency allows telecommuting for this position. Telecommuting allowed? Yes

The county in which the vacancy is located. County Monroe

The street address where the vacancy is located. Street Address 1 East Avenue, Rochester

With the possibility of New York City or other locations statewide

The city where the vacancy is located. City TBD

The state where the vacancy is located (the default is New York). StateNY

The zip code where the vacancy is located. Zip Code00000

The duties that the incumbent of the vacancy will be expected to perform. Duties Description Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 1 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence.
This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify, and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.
Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.
Duties include, but are not limited to:
• Support Tier 0 analysts in the identification, triage, and escalation of security events.
• Monitor multiple sources (phone, email, automated systems, etc.) for new security events.
• Follow all established procedures, workflows, and tasks related to NYSOC activities.
• Work with Tier 0 analysts and the SOC team to ensure identified incidents are documented and escalated efficiently.
• Ensure that tickets are properly created and tracked in the ticket management system, and in a timely manner.
• Ensure that trusted third party notifications are forwarded to the appropriate stakeholders.
• Provide input and feedback in the development and revision of standard operating procedures and workflows.
• Provide supporting analysis related to cyber security incidents and events.
• Provide input and feedback to the engineering and development team to appropriately tune the performance of multiple security tools such as endpoint detection and response (EDR), Security Orchestration, automation and response (SOAR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts.
• Participate in active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
• Perform additional duties as assigned.

The minimum qualifications required for this vacancy. Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.

* Substitution: bachelor’s degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of general information technology experience.

** Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred qualifications:
The ideal candidate would possess one or more of the following preferred qualifications:
• Certifications in one or more of the following:
• Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
• Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
• Information Security Management (e.g., CISSP, CISM, CCISO)
• 1+ years’ experience in one or more of the following:
• Working as a SOC analyst
• Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
• Using SIEM technologies to support in-depth investigations
• Participating in cyber incident response
• Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
• Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.

Additional comments regarding the vacancy. Additional Comments Additional details on work shift will be discussed at time of interview.

Background check and fingerprinting are required.

Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.

Some positions may require additional credentials or a background check to verify your identity.

The name of the contact person for this vacancy. Name Charlene Maroni

The telephone number to use for questions about this vacancy. Telephone 518-473-0398

The fax to use for this vacancy. Fax 518-402-4924

Email address for emailing applications, or to ask questions about this vacancy. Email Address PostingResponses@its.ny.gov

Address

The street address of the contact for this vacancy. Street Office of Information Technology Services

Human Resources Services - Swan Street Building, Core 4, Floor 1

The city for the contact for this vacancy. City Albany

The state of the contact for this vacancy (the default is New York). State NY

The zip code for the contact for this vacancy. Zip Code 12242

Instructions for potential applicants.Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security), NYSOC Tier 1 Analyst (Rochester), Ref #8184R. Please include the Posting ID and clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required in order to confirm eligibility.

Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.