Review Vacancy
AgencyState Comptroller, Office of the
TitleInformation Technology Specialist 2
Occupational CategoryI.T. Engineering, Sciences
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $53339 to $67827 Annually
Minimum Qualifications Interested candidates must currently be an Information Technology Specialist 2 list, OR be eligible to transfer under Section 52.6 of the Civil Service Law.
52.6 Transfer:
Candidates must have one year of permanent, competitive service in a qualifying title allocated to salary grade 16 or higher.
Duties Description • Assist with proactive investigative activities to verify if any exposed vulnerabilities were taken advantage of by attackers.
• Perform analysis and provide guidance on: vulnerabilities disclosures, vulnerabilities reports, and internal assessments.
• Review the latest security alerts to be aware of new security threats.
• Monitor the threat landscape for changes impacting weaknesses, assess the risk to the agency, and work to address the risk with the appropriate technical groups.
• Review and perform analysis on vulnerability scanning results.
• Escalate priority security events per standard operating procedures.
• Track compliance issues and verify remediation efforts by the appropriate groups.
• Research products that need upgrading.
• Research new security techniques and methodologies.
• Provide security assistance to CIO units in evaluating security controls and provide secure solutions.
• Assist with security related questions.
• Assist with meetings on various security related topics (attending, organizing, taking notes, and assessing security control strength).
• Research security related items for all agency projects.
• Assist with gap analysis, determine which policies and standards are not being complied with, work with groups to address areas that need to be improved, etc.
• Assist with gap analysis, determine which security risks are not properly being addressed and communicate to the ISO any areas needing improvement.
• Provide support and content for the Security Awareness Program and the ISO Website as required
Additional Comments Knowledge, Skills and Abilities:
• College coursework in Security (5 to 9 credit hours)
• College coursework in Computer Networking (2 to 4 credit hours)
• College coursework in Operating Systems (2 to 4 credit hours)
• Demonstrated experience in assisting in risk vulnerability assessments. Ability to analyze, assess, and determine acceptable levels of risk in deploying new or modifying current security architecture, hardware, software, and security policies. (3 months to a year)
• Demonstrated experience in Windows NT/2000/XP operating systems (1 to 3 years)
• Demonstrated experience in Windows NT/2000/XP server operating systems (3 months to 1 year)
• Knowledge of security principals, including the areas of information security or information assurance.
• Knowledge in any of the following security areas: CIS Critical Security Controls, Security Policies, Vulnerability Assessment and Remediation, Malware Defenses, Security Monitoring, Incident Response, or Network Security.
• Knowledge of assessing risk
• Knowledge of different types of security vulnerabilities and attack methodologies.
Some positions may require additional credentials or a background check to verify your identity.
Email Address recruit@osc.state.ny.us
Address
Street Office of Human Resources
110 State Street
Notes on ApplyingInterested candidates should submit a cover letter and resume to recruit@osc.state.ny.us no later than October 04, 2016. Please reference Item # 414– GOER-MPM when responding.
When responding, please include the reference number and letters listed in this section. (The GOER VACANCY ID # should not be included).