Position Information

NY HELPNo

AgencyInformation Technology Services, Office of

TitleInformation Technology Specialist 4 Information Security - 10225

Occupational CategoryI.T. Engineering, Sciences

Salary Grade25

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $96336 to $121413 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Schedule

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? Yes

Location

County Albany

Street Address 31 British American Blvd

City Latham

StateNY

Zip Code12110

Job Specifics

Duties Description Under the direction of a Manager Information Technology Services 1, SG27, within the Dedicated Support team, Office of Mental Health and Office of Addiction Services and Supports Portfolio, the Information Technology Specialist 4 will be responsible for supports such as internal audit, risk management, vulnerability management, compliance, and external audit. Specific duties include but are not limited to:
• Activities include assisting with security incident response coordination for OMH and ITS, developing and maintaining incident reports and metrics, and serving as subject matter experts during preparatory activities (e.g. tabletop exercises) and lessons learned following incidents.
• Activities include meeting and communicating with OMH and ITS teams (including CISO) to discuss relevant security concerns and initiatives. Informal advice or consultation is provided to OMH, prioritized as part of workload, during daily operations. Client Engagement includes bi-directional communications with OMH Executives, Special Counsel, IT executives and teams, and the CISO.
• Support of external audit requirements from either state, federal, or other regulatory bodies. This may include developing or reviewing audit responses, participating in on-site reviews, overseeing remediation action plans, and other activities as required.
• Provide security design guidance and recommendations to address potential risks to enterprise information systems and services. Activities may include security reviews, risk assessments, and advice or consultation services for the secure development of new or existing information systems.
• Provide SSDLC support, to both OMH and ITS for project and non-project engagements. This may range in scope depending on the level of involvement (e.g. a formal security review, advice/consultation with formal output, active participation in long-term improvement of system security controls, etc.) and the potential security impact of any proposed changes. Support requests based on the priority of an engagement to ensure that critical projects and initiatives are supported.
• Support OMH through advice and consultation related to compliance with regulatory requirements. This may include conducting compliance assessments of applications or systems to validate that adequate security controls are in place.
• Serve as a subject matter expert on security requirements as part of OMH or ITS procurement. This may include providing advice or consultation on technical elements included in an RFP/RFI/RFQ, developing security-related criteria for scoring, or scoring security sections of an RFP/RFI/RFQ.
• Support SSDLC scanning through the use of system environment and dynamic web application scanning tools and services.
• As part of these activities, reports will be generated and shared with relevant stakeholders. Serve as subject matter experts or facilitators for identified security concerns to help prioritize remediation.
• Advising and consulting OMH and ITS staff regarding current or potential risks that may affect OMH applications and infrastructure. Maintain risk registers for OMH and ITS teams to ensure that identified risks are cataloged and prioritized based on OMH needs.
• Advise and consult with OMH and ITS staff regarding current or potential vulnerabilities and threats that may affect OMH applications and infrastructure. Track and facilitate the remediation or mitigation of identified vulnerabilities by engaging with appropriate OMH and ITS stakeholders.
• Support of audit requirements from ITS internal Audit in support of OMH. This may include developing or reviewing audit responses or potentially overseeing remediation action plans in coordination with other teams in OMH and ITS.
• Review and communicate changes to NYS cybersecurity policies and standards with ITS and OMH stakeholders. Ensure OMH comments and concerns are communicated back to ITS during Request for Comments (RFC) review periods. Advocate with CISO and other ITS stakeholders on behalf of OMH in the context of agency business needs those comments may represent. Work with OMH to review and develop agency-specific Standard Operating Procedures (SOPs) to comply with NYS policies and standards. Assist both ITS and OMH with the development and review of security policies and standards.
• Performs all supervisory responsibilities in accordance with NYS and ITS supervisory requirements.

Minimum Qualifications Non-competitive: six years of information technology, cybersecurity, or information assurance experience**, including one year at the supervisory level.

**Substitutions: A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master’s degree or higher in computer science or related field substitutes for one year of required experience.

Additional Comments ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Some positions may require fingerprinting.

Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.

If eligible, positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.
to permanent non-competitive and the official probationary period will begin.

Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Thirteen (13) days of paid sick leave annually for PEF.
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.

Some positions may require additional credentials or a background check to verify your identity.

How to Apply

Name ITS Human Resources

Telephone 518-473-0398

Fax 518-402-4924

Email Address PostingResponses@its.ny.gov

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

 

Notes on ApplyingTo apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.