Bachelor’s degree and four years of information system intelligence analysis, or an associate degree and six years of relevant experience; or eight years of relevant experience in intelligence analysis for a governmental entity.
• Support Cyber Incident Response efforts.
• Serve as a subject matter expert for all Division of Homeland Security and Emergency Services (DHSES) Cyber Incident Response Team (CIRT) programs and initiatives.
• Perform digital forensics, malware analysis, incident response, vulnerability scans, root cause analysis and generate actionable reports to aid in customer-based follow-up.
• Help develop, deploy, document and formalize preventative offerings and initiatives.
• Manage and participate in all phases of design, configuration and construction, including acquisition of hardware and software for the CIRT LAB and mobile equipment kits.
• Monitor for reported cyber incidents and respond swiftly.
• Determine root causes of cyber incidents and work with affected agencies to implement remediation plans.
• Detect host and network-based intrusions via intrusion detection technologies.
• Use incident data to identify specific vulnerabilities and make recommendations for improvements.
• Conduct outreach to non-Executive agencies, local governments, and public authorities to discuss cyber security policies, programs and infrastructure.
• Identify best cyber security practices for the following domains: information technology assets; critical operating systems; cyber security policies and procedures; protecting sensitive data; anti-virus malware; software and systems updating/patching; incident response and recovery; personnel and training; etc.
• Maintain up-to-date technical knowledge of cyber security issues and emerging trends.
• Communicate effectively, orally and in writing, with state and local officials regarding cyber threats, technical analysis and vulnerabilities.
• Help develop and disseminate actionable strategic, technical and tactical cyber information and intelligence to non-Executive agencies, local governments, and public authorities through weekly, monthly or ad hoc reports, briefings, and presentations.
• Support cyber security meetings, presentations, seminars, etc. to foster information-sharing and enhance awareness.
• Support training exercises targeted to non-Executive agencies, local governments and public authorities on cyber security best practices.
Preferred qualifications: Preference will be given to applicants with the following certifications (or comparable) and those with a background in designing, securing, and implementing security, network and enterprise solutions:
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Penetration Tester (GPEN)
• FTK ACE
This position will require travel. Work hours vary significantly based on operational need.
Additional Comments: NOTE: Support of operations during times of emergency and disaster from State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.
Some positions may require additional credentials or a background check to verify your identity.
31st Floor Corning Tower, Empire State Plaza
Notes on Applying: Please submit a cover letter along with a clear and concise resume detailing how you meet the minimum qualifications for this position as listed in Specifics and indicate the Position Title & Vacancy ID number for which you are applying.