Position Information

NY HELPNo

AgencyInformation Technology Services, Office of

TitleInformation Technology Specialist 3 (Information Security), 10607

Occupational CategoryI.T. Engineering, Sciences

Salary Grade23

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $86681 to $109650 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Schedule

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? Yes

Compressed workweek allowed? No

Telecommuting allowed? Yes

Location

County Albany

Street Address 50 Wolf Road, Floor 2

City Albany

StateNY

Zip Code12232

Job Specifics

Duties Description The New York State Office of Information Technology Services (ITS) provides operational support 24 hours a day, 7 days a week, 365 days of the year, supporting more than 4,900 applications for 53 New York State Agencies.

Reporting to the Manager Information Technology Services 2, SG-29 within Dedicated Support, Department of Transportation, Transportation System Management and Operations (TSMO) unit, the Information Technology Specialist 3 (Information Security), SG-23 will be instrumental in protecting information technology (IT) and operational technology (OT) environments from cyber threats. The position will utilize security tools and technologies, analyze security events, respond to incidents, and contribute to the overall security posture of both IT and OT systems. This includes securing Intelligent Transportation Systems (ITS), ensuring transportation safety, and protecting critical infrastructure.

Duties include, but are not limited to the following:

• Security Monitoring & Analysis:
o Monitor security alerts and logs from various IT and OT systems (e.g., SIEM, IDS/IPS, firewalls, endpoint detection and response (EDR) solutions, SCADA/ICS security tools).
o Analyze security events to identify potential threats, vulnerabilities, and policy violations.
o Investigate security incidents, determine scope and impact, and recommend appropriate remediation actions.
o Perform threat hunting activities to proactively identify and mitigate emerging threats.
• Incident Response:
o Participate in the incident response process, including containment, eradication, and recovery efforts for IT and OT incidents.
o Document incident details, actions taken, and lessons learned.
o Assist in developing and refining incident response playbooks and procedures.
• Vulnerability Management:
o Assist in the identification, assessment, and prioritization of vulnerabilities within IT and OT environments.
o Coordinate with IT and OT teams to ensure timely remediation of identified vulnerabilities.
o Support regular vulnerability scanning and penetration testing activities.
• Security Tool Management:
o Assist in the deployment, configuration, and maintenance of security tools and technologies.
o Provide input for the optimization and tuning of security solutions.
• IT/OT Security Collaboration:
o Work closely with IT and OT engineers, operators, and stakeholders to understand system architectures and security requirements.
o Translate security risks and requirements between IT and OT domains.
o Contribute to security awareness training and best practices for both IT and OT personnel.
• Reporting & Documentation:
o Generate regular security reports on key metrics, incidents, and trends.
o Maintain accurate and up-to-date security documentation.
• Compliance & Policy:
o Assist in ensuring compliance with relevant industry regulations and internal security policies.
• Perform additional duties as required.

Minimum Qualifications Non-competitive: Five years of information technology, cybersecurity, or information
assurance experience*.

* EDUCATION/EXPERIENCE SUBSTITUTIONS
• A bachelor's or higher-level degree in any field including or supplemented by 15
semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience.
• An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.
• A master’s degree or higher in computer science or related field substitutes for one year of required experience.

PREFERRED QUALIFICATIONS

• Experience:
o Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
o 3+ years of experience in a cybersecurity role, with a focus on security operations, incident response, or threat analysis.
o Demonstrated experience in securing Information Technology (IT) environments.
o Demonstrated experience or a strong understanding of securing Operational Technology (OT) environments. This could include experience with OT network protocols, security challenges specific to OT, and relevant security technologies.
• Technical Skills:
o Proficiency with Security Information and Event Management (SIEM) tools (e.g., Splunk, QRadar, LogRhythm).
o Experience with Intrusion Detection/Prevention Systems (IDS/IPS) and firewalls.
o Familiarity with Endpoint Detection and Response (EDR) solutions.
o Understanding of network security principles, protocols (TCP/IP, DNS, HTTP/S), and common attack vectors.
o Knowledge of common IT security frameworks (e.g., NIST Cybersecurity Framework, ISO 27001).
o Familiarity with OT security concepts, standards (e.g., IEC 62443), and challenges.
o Experience with vulnerability scanning tools.
o Basic understanding of scripting languages (e.g., Python, PowerShell) is a plus.
• Soft Skills:
o Strong analytical and problem-solving skills.
o Excellent communication and interpersonal skills, with the ability to explain technical concepts to both technical and non-technical audiences.
o Ability to work independently and as part of a team.
o Strong attention to detail and organizational skills.
o Ability to prioritize and manage multiple tasks effectively.

*Please Note:
• Appointment to this position and continued employment with the agency is contingent upon obtaining and/or maintaining New York State residency within six months of hiring.
• Appointment to this position is not final until all agency approvals have been granted.

Additional Comments ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Fingerprinting and background check are required for employment with ITS.

Salary Commensurate with experience
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:

Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Eight (8) days of paid sick leave annually
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.

This position may require critical services to be performed outside of normal work schedule.

Some positions may require additional credentials or a background check to verify your identity.

How to Apply

Name Michael Penticuff

Telephone 518-473-0398

Fax 518-402-4924

Email Address PostingResponses@its.ny.gov

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

 

Notes on ApplyingTo apply, please submit a cover letter and resume. Please indicate that you are applying for the Information Technology Specialist 3 (Information Security), 10607 position and include the Vacancy ID number in the subject of your email.

Your Social Security Number may be required to confirm your eligibility.