Review Vacancy
AgencyInformation Technology Services, Office of
TitleManager Information Technology Services 1 Infomation Security - 10688
Occupational CategoryI.T. Engineering, Sciences
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $106898 to $131665 Annually
Appointment Type Contingent Permanent
Duties Description This position is being recruited and may be filled in Latham, NYC, or Rochester. Under the direction of the Internal Controls Officer/Director of Cyber Risk Management within the Chief Information Security Office (CISO), the incumbent will provide leadership and management oversight to a team of analysts in the Internal Controls function of the bureau. The position requires the incumbent to be thoughtful and act purposefully with a great deal of independence, ensuring that desired outcomes are in alignment with the agency and senior management’s strategic direction. The individual will demonstrate an outstanding knowledge of operational risk and control frameworks alongside solid experience in implementing and assessing the design and efficacy of such controls and practices within complex and matrixed organizational structures. The ability to articulate thoughts and ideas with clarity orally and in writing, to stakeholders and the team, is paramount for being successful. Strong organizational and interpersonal skills coupled with high levels of emotional intelligence will enable the incumbent to perform effectively and to successfully empower CISO teams and executive leadership to resolve technically complex and politically sensitive issues within the agency and across client agencies to ensure the safety and wellbeing of New Yorkers.
Key Duties and Deliverables include, but are not limited to:
• Provide leadership, vision, guidance, and mentoring to the Internal Controls team
• Synthesize the latest operational risk controls frameworks including COSO, NIST, ISO to design best-in-class guidance for ITS’ key and significant functions
• Review and enhance the current risk and control framework and implementation process
• Facilitate meetings with ITS management, function heads and other personnel to develop the annual Internal Control Testing Plan and monitor successful and timely completion
• Collaborate with the CPIM team to design, build and automate the internal control workflow processes
• Develop a game plan to execute the integration of appropriate modifications and enhancements to the internal controls framework and processes, for addressing AI, cyber, and emerging operational risks
• Develop and deliver training materials that articulate the implementation of industry best practices for controls and mitigants that are resistant/resilient to the potential threats and vulnerabilities faced by ITS’ key functions
• Oversee and provide guidance as needed, to function owners, with the creation of business processes and supporting flowcharts
• In conjunction with team members, supervise the testing of ITS controls, provide guidance on responses (as needed), and recommend business process improvements or appropriate compensating controls.
• Review State and Federal legislative changes that may impact ITS policy and procedures related to internal controls.
• Provide comments/suggestions and assist with updating program policies and procedures to enhance internal controls and continue to adhere to the Internal Controls Act of 1987
• Collaborate and partner with Internal Audit to ensure that the internal controls program is designed and operating effectively
• Develop and implement innovative solutions to respond to internal and external audit recommendations
• Collaborate with ITS management on development of management action plans when responding to internal and external audit recommendations
• Monitor and report on management’s corrective action plans to strengthen/enhance controls, and track it through implementation and closure
• Design, develop and deliver dashboards/reports to provide senior management with periodic key performance (KPIs) and control (KCIs) metrics
• Develop and maintain standard operating procedures (SOPs) to support function and its program
• Perform the full range of supervisory responsibilities
• Serve as the deputy to the Director of CRM
• Perform additional duties as required
Minimum Qualifications Manager Information Technology Services 1 (Information Security)
Non-competitive: Seven years of information technology, cybersecurity, or information assurance experience*, including one year at the supervisory level.
*Substitutions:
A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience.
An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.
A master’s degree or higher in computer science or related field substitutes for one year of required experience.
Additional Comments ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.
Some positions may require fingerprinting.
Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.
If eligible, positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.
to permanent non-competitive and the official probationary period will begin.
Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Thirteen (13) days of paid sick leave annually for PEF.
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
Additional Benefits
• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more.
The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
Some positions may require additional credentials or a background check to verify your identity.
Email Address PostingResponses@its.ny.gov
Address
Swan Street Building, Core 4, Floor 1
Notes on ApplyingTo apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.