Minimum Qualifications Bachelor’s degree* in a cyber security, information assurance, or information technology related field, OR bachelor's degree with 15 credit hours in cyber security, information assurance, or informational technology AND three years of information technology experience**.
* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
• Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 2+ years’ experience in the following areas:
o Applying and implementing network and/or system security
o Information security incident response
o Experience in cyber digital forensics
o With log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o Using SIEM technologies to support in-depth investigations
o Using computer security investigation tools (e.g. FTK)
• Possess a working knowledge of the following areas:
o Computer networks with a strong understanding of networking concepts, protocols, services and operating systems (TCP/IP, UDP, DNS, DHCP, HTTP, SMTP, Windows, UNIX, Linux, etc.)
o Technical security solutions (e.g., intrusion detection/prevention systems, firewalls)
o System administration
o Vulnerability management
o Computer programming and scripting
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.
• Ability to obtain and maintain a Secret clearance.
Duties Description Under the direction of a Manager Information Technology Services 2, SG-29, within the Chief Information Security Office, the position will supervise and participate in threat detection and prevention activities on specialized technical systems to protect NYS Enterprise Networks. Specific duties include but are not limited to:
• Perform analysis of security events/incidents, traffic anomalies, and suspicious traffic/behavior;
• Configure, tune, and test new IDS/IPS rules based on in-depth security analysis, emerging threats, and previous incidents;
• Conduct threat and vulnerability research, intelligence and monitoring, and provide recommendations as necessary;
• Assist staff, customers, and partners in technical problem resolution, as necessary;
• Work in concert with colleagues in the Cyber Command Center, in other verticals within the Chief Information Security Office (CISO), and across all of ITS, to achieve the mission, goals and objectives outlined in the CISO Strategic Plan and the ITS Strategic Plan;
• Maintain the relationship and functions of the Managed Security Services vendor for New York State;
• Provide direction and support to security engineering staff to perform more complex security analysis, design, and implementation;
• Lead moderately complex security projects as assigned;
• Maintain a working knowledge of information security best practices;
• Support CISO project initiatives and all other projects as assigned;
• Perform the full range of supervisory responsibilities.
Some positions may require additional credentials or a background check to verify your identity.
PO Box 2062
Notes on ApplyingTo apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 4 (Information Security) Ref: #18589. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.