Manager Information Technology Services 1 (Information Security), ref #Roch27

New York State

  • New York City, NY
  • $106,898-131,665 per year
  • Permanent
  • Full-time
  • 12 days ago
Duties Description ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time.This position will be located in Rochester, NY. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Additional information on shift will be discussed at time of interview.Under the direction and of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Shift Lead responsible for the oversight and coordination of NYSOC operations across multiple teams. The NYSOC serves as the nerve center for joint local, State and federal cyber efforts, including data collection, response efforts and information sharing. Additionally, the NYSOC will provide a statewide view of the cyber-threat landscape and improve coordination on threat intelligence and incident response.
The incumbent will participate in and manage efforts in conducting investigations of cyber security events reported by state and local government entities and other sources. Event response efforts include incident identification, assessment, quantification, reporting, communication, and monitoring. The candidate is responsible to provide investigation of correlated security event feeds and the appropriate triage, escalation, and coordination with other NYSOC team members. The incumbent will participate in the technical and process direction of the NYSOC, provide direction to analysts, and act as a liaison to other teams within NYS.
Due to the necessary technical support duties of this position in a 24/7 operation, the incumbent may be required to work various shifts such as weekends and/or nights/evenings.Duties include, but are not limited to:
  • Function as a shift lead in the NYSOC, providing support and direction for analysts and coordination efforts across multiple teams.
  • Oversee the efforts related to security event monitoring and response including the tracking, documentation, analysis, and escalation of cyber events activities.
  • Maintain schedules and shift assignments effectively to ensure NYSOC staffing needs are met.
  • Lead the efforts to identify and communicate trends within the NYSOC operations and activity, escalating appropriately to management and stakeholders.
  • Conduct team and shift turnover activities to ensure continuity of operations throughout the NYSOC.
  • Oversee technical delivery, assessing and continually improving output and ensuring processes developed and adhered to drive operational excellence.
  • Provide constructive input and feedback to appropriately tune the detections and performance of multiple security tools such as endpoint detection and response (EDR), security incident and event management (SIEM), and security orchestration, automation, and response (SOAR) to increase the quality of generated alerts.
  • Provide constructive input and feedback for the development, maintenance, and adherence to standard operating procedures.
  • Create technical reports and executive summaries related to cyber security incidents and events. Provide detailed metrics reports for executive management.
  • Develop and deliver presentations regarding emerging cyber threats as needed.
  • Provide training, guidance, and act as a mentor to subordinate team members. Maintain an adequate level of current knowledge and proficiency in cyber security through annual Continuing Professional Education (CPE) credits directly related to the field.
  • Perform the full range of supervisory responsibilities and additional duties as assigned.
Minimum Qualifications Manager Information Technology Services 1 (Information Security)
Non-competitive: Seven years of information technology, cybersecurity, or information assurance experience*, including one year at the supervisory level.
*Substitutions:
A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor's substitutes for two years of required experience.An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor's degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.A master's degree or higher in computer science or related field substitutes for one year of required experience.Preferred Qualifications:
The ideal candidate would possess one or more of the following preferred qualifications:
  • Certifications in one or more of the following:
o Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
o Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
o Information Security Management (e.g., CISSP, CISM, CCISO)
  • 4+ years' experience in one or more of the following:
o Working as a senior SOC analyst
o Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
o Using SIEM technologies to support in-depth investigations
  • 2+ years' experience in one or more of the following:
o Working as a SOC manager or team lead
o Participating in cyber incident response
  • Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
  • Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
  • Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
  • Demonstrated critical thinking, problem solving and analytical skills.
Additional Comments This posting may be used to fill multiple positions.ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.Some positions may require fingerprinting.Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.Positions located in New York City, will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
  • Thirteen (13) paid holidays annually
  • Up to Thirteen (13) days of paid vacation leave annually
  • Up to Five (5) days of paid personal leave annually
  • Up to Thirteen (13) days of paid sick leave annually for PEF.
  • Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
  • Eligible employees and dependents can pick from a variety of affordable health insurance programs
  • Family dental and vision benefits at no additional cost
Additional Benefits
  • New York State Employees' Retirement System (ERS) Membership
  • NYS Deferred Compensation
  • Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
  • Public Service Loan Forgiveness (PSLF)
  • And many more.
The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
Some positions may require additional credentials or a background check to verify your identity.Some positions may require additional credentials or a background check to verify your identity.

New York State