Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 06/21/21

Applications Due 07/01/21

Vacancy ID 87908

NY HELP No

Agency Information Technology Services, Office of

Title Manager Information Technology Services 1 (Information Security) Ref #15524CYCOM

Occupational Category I.T. Engineering, Sciences

Salary Grade 27

Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF)

Salary Range From $90375 to $111316 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 9 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Albany

Street Address 201 Fuller Road, Flr 2

City Albany

State NY

Zip Code 12203

Minimum Qualifications Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.

* Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications
• Bachelor's Degree with a concentration or a major in Information Security, Cyber Security, Digital Forensics, or a related field.
• Certificates in the following:
o Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO)
o Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
o Certified Information Systems Security Professional (CISSP)
• 4+ years' experience in technical writing
• 3+ years' experience in the following areas:
o leading a team in related work.
o applying and implementing network and/or system security.
o information security incident response.
o cyber digital forensics.
o log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o using SIEM technologies to support in-depth investigations
o using computer security investigation tools (e.g. FTK).
• 2+ years’ experience in penetration testing.
• Working knowledge of:
o Project Management
o computer networks with a strong understanding of networking concepts, protocols, services and operating systems (TCP/IP, UDP, DNS, DHCP, HTTP, SMTP, Windows, UNIX, Linux, etc.)
o technical security solutions (e.g., intrusion detection/prevention systems, firewalls)
o system administration.
o vulnerability management.
o computer programming and scripting.
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.
• Ability to obtain and maintain a Secret clearance.

Duties Description Under the direction of the Lead of the Security Operations Center (SOC), Manager Information Technology Services 2, SG-29, the position will be part of the NYS Cyber Command Center and will participate in and manage efforts to respond to cyber-attacks and to investigate cyber security events reported by state and local government entities and other sources. The incumbent is primarily responsible for security event monitoring, management and response. Response efforts include incident identification, assessment, quantification, reporting, communication, mitigation and monitoring. The candidate is responsible for investigating correlated security event feeds, for appropriate triage and escalation of identified security incidents, for working with the Incident Response team to resolve incidents and remediate threats across NYS, and for all internal security operations tasks within the SOC. The candidate is also responsible for the technical and process direction of the SOC, provides direction to the analysts, and acts as a liaison to other teams within NYS entities.
The candidate must be able to multi-task and work under pressure to yield high quality results in a short time frame. This position requires night and weekend work on an ad-hoc basis and occasional travel to respond to cyber security incidents. Specific duties include, but are not limited to:

• Lead and Manage SOC within Cyber Command
• Perform and manage security event monitoring and response, including preliminary analysis, remediation and escalation of cyber event activities
• Manage day-to-day SOC operations and related tasks for subordinate team members:
o Monitor cyber incident hotline, shared mailbox and service tickets and respond to reported events swiftly.
o Track and document events from initial detection through final resolution.
o Perform triage to include determining scope, urgency, and potential impact.
• Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence.
• Responsible for escalation procedures, workflows and tasks of cyber investigations
• Ensure that Standard Operating Procedures are being created and followed by the team
• Establish workflows and automate processes to enhance productivity for the Cyber Command Center;
• Create technical reports and executive summaries related to cyber security incidents and events;
• Develop and deliver presentations to executive management, information security practitioners and Cyber Command Center team members, including subordinate staff, regarding cyber security threats;
• Maintain the budget and all aspects of procurement for area of responsibility;
• Provide detailed metrics reports for executive management;
• Provide training, guidance, and act as a mentor to subordinate team members;
• Perform the full range of administrative supervisory responsibilities, including performance evaluations, time sheet approval, etc.

Additional Comments Approval to fill this position is pending with Division of the Budget (DOB). Background check and fingerprinting are required.

Some positions may require additional credentials or a background check to verify your identity.

Name Louise C. Nails

Telephone 518-473-0398

Fax 518-402-4924

Email Address HR.recruitment.its@ogs.ny.gov

Address

Street Office of General Services, Human Resources Management

26th Floor, Corning Tower

City Albany

State NY

Zip Code 12242

 

Notes on Applying To apply, please submit a resume and cover letter to Louise C. Nails, indicating that you are applying for Manager Information Technology Services 1 (Information Security) Ref: #15524CYCOM. Please clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required to confirm your eligibility.
