Review Vacancy
Agency: Information Technology Services, Office of
Title: Manager Information Technology Services 2 Information Security - 9860
Occupational Category: I.T. Engineering, Sciences
Bargaining Unit: PS&T - Professional, Scientific, and Technical (PEF)
Salary Range: From $118,425 to $145,039 Annually
Appointment Type: Contingent Permanent
Duties Description
Under the direction of senior leadership within the Office of Information Technology Services\Chief Information Security Office\Cyber Command Center, the incumbent will lead a team responsible for the ingestion of and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence. They will synthesize threat data from various sources and correlate it to produce targeted threat intelligence. The incumbent will perform threat hunting for threat actors in a multi-cloud/multi-OS environment and prototype detection logic based on the output of those hunts. The candidate will also be able to emulate adversary behavior to assess the efficacy of the security controls.
This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.
Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed. This position is available and can be filled in any of the following NYSOC locations: Latham, Rochester, or New York City.
Specific duties include, but are not limited to:
• Direct and oversee the threat intelligence program and staff for NYSOC.
• Provide current, actionable threat intelligence to drive comprehensive detection coverage against threat vectors
• Conduct research, analysis, and correlation across a wide variety of all-source data sets such as IOCs, IOAs, and warnings
• Perform threat hunting across a multi-OS/multi-cloud environment to ensure a timely and effective response to new cyber threats. Identify tactics, techniques, and procedures (TTPs) for intrusion sets
• Perform detection engineering prototyping and prioritization efforts and support red team/adversary emulation activities to assess efficacy of existing security controls
• Work with the detection engineering team to translate repeatable hunts into alerts
• Work with incident detection, incident response, cyber threat intelligence, and other teams to coordinate and create remediation plans
• Review cases escalated by threat analysts to investigate, respond, and remediate
• Plan and recommend modifications or adjustments based on testing results or system environment
• Analyze identified malicious activity to determine vulnerabilities exploited, exploitation methods, and effects on system and data
• Identify new use cases and playbooks that need to be developed based on incident reviews
• Document and escalate incidents using information gathered from a variety of sources
• Create daily, monthly, and yearly intelligence information in support of NYSOC business needs
• Create technical reports and executive summaries related to cyber security incidents and events.
• Generate vulnerability notifications and cyber threat intelligence working with vendors and various stakeholders
• Provide guidance and input on active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved
• Lead analysts to appropriately tune the detections and performance of multiple security tools such as firewall, intrusion detection/intrusion prevention systems (IDS/IPS), endpoint detection and response (EDR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts
• May supervise subordinate staff in the proper performance of their duties and perform the full range of administrative supervisory responsibilities
Minimum Qualifications
Non-competitive: Eight years of information technology, cybersecurity, or information assurance experience*, including two years at the supervisory level.
*Substitutions:
A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience.
An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.
A master’s degree or higher in computer science or related field substitutes for one year of required experience.
Additional Comments
ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.
Some positions may require fingerprinting.
Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.
If eligible, positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.
to permanent non-competitive and the official probationary period will begin.
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Thirteen (13) days of paid sick leave annually for PEF.
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more.
The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
Some positions may require additional credentials or a background check to verify your identity.
Email Address: PostingResponses@its.ny.gov
Address
Swan Street Building, Core 4, Floor 1
Notes on Applying
To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.

