Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.

Review Vacancy

Date Posted 06/19/15

Applications Due07/23/15

Vacancy ID21848

AgencyAttorney General, Office of the

TitleChief Information Security Officer 1

Occupational CategoryI.T. Engineering, Sciences

Salary Grade662

Bargaining UnitM/C - Management / Confidential (Unrepresented)

Salary RangeFrom $77208 to $97593 Annually

Employment Type Full-Time

Appointment Type Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 10%

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 8:30 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? No

County Rensselaer

Street Address 200 Broadway

City Troy

StateNY

Zip Code12180

Minimum Qualifications This title is non-competitive. No examination is necessary. However, you must still meet the following Minimum Qualifications of the position.

Bachelor's degree* and five years of information technology experience, including three years of information security or information assurance experience.

*Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year- for-year basis; an associate's degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Duties Description This position reports directly to the Chief Information Officer (CIO). Under the general direction of the CIO, the Chief Information Security Officer 1 will provide leadership and technical expertise to ensure the integrity, confidentiality, and availability of OAG information technology assets. The incumbent will have a senior advisory role in decisions affecting information security and assurance. The incumbent will coordinate security efforts to ensure that all OAG networking, SAN, Virtualization, VoIP, Microsoft Windows Server and Server Applications (Exchange, SQL and Share Point), Litigation Holds and Oracle databases adhere to best practices associated with the documenting, managing and securing of these systems. The incumbent will recommend and approve security policies, standards, and processes and facilitate compliance with those policies, standards and processes. The incumbent will oversee alleged information security violations and follow agency and State procedures for referring the investigation. Our current working environment includes Microsoft Active Directory; Microsoft Window Servers; Microsoft Exchange Servers and Oracle Databases.

JOB RESPONSIBILITIES:

Works directly with IT Management in support of the following responsibilities:

• Review, update, and create security policies and procedures. Assist in the evaluation of emerging technologies and their potential security impact. Ensure policies and procedures on the OAG Intranet are current;
• Develop and implement the agency’s information security risk management program;
• Evaluate any security threats to the agency. Directs the investigation of alleged information security violations following agency procedures. Develops and implements information security incident response plans. Schedule regular internal intrusion testing as well as assist in the review and evaluation of various security audit logs;
• Provide security guidance for all IT projects; Reviews new projects for security risks;
• Represent the agency at internal and external security meetings;
• Research laws and regulations that could affect the security controls and classifications. Monitor various state, federal, and industry security resources for emerging threats, evaluate their impact to OAG, and make appropriate countermeasure strategy recommendations to management. Confirm OAG compliance with applicable federal and state mandated laws, rules and regulations regarding information security;
• Monitor information security compliance and recommends improvements. Recommend and approve security education and awareness programs. Implement security training to technical staff and the user community where applicable, promoting employee education and awareness. Automate system reporting and proactive alerting for actionable situations; Optimize system monitoring, maintenance and reporting as related to security;
• Actively participate in IT Change Control meetings ensuring OAG policies and information security is maintained and assist with the evaluation of emerging technologies;
• Develop, deploy and manage an information security framework utilizing industry best practices. Establish a view of the entire security landscape, identifying potential security gaps and prioritizing initiatives for improvement. Maintains guidelines for development of secure application code;
• Supervise staff and assign work, write performance and probationary evaluations, conduct interviews and hire staff as needed;
• Vendor management as needed. Reviews contracts, service level agreements and other documents to verify they meet information security needs and requirements;
• Excellent interpersonal, written and verbal communications. Excellent analytical and problem solving skills;
• Experience communicating security concepts to all levels of the organization.


Additional Comments PREFERRED QUALIFICATIONS:
A current certification as an Information Security Officer from a recognized ISO certification organization.

Technology certification(s) ideal for this position:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)

Some positions may require additional credentials or a background check to verify your identity.

Name William Harrison

Telephone (518) 474-7808

Fax (518) 474-3578

Email Address william.harrison@ag.ny.gov

Address

Street Human Resources Managment - NYS OAG

The Capitol

City Albany

State NY

Zip Code 12224

 

Notes on ApplyingPreferred method of applying is via email to william.harrison@ag.ny.gov. Please include vacancy ID #21848 in the subject line of your email. Please attach a current resume detailing how you meet the stated minimum qualifications.

Printable Version