Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.
Note: For questions about the job posting, please contact the agency that posted this position by using the contact information provided on the "Contact" tab for the position.

Review Vacancy

Date Posted 08/16/17

Applications Due08/27/17

Vacancy ID43078

NY HELPNo

AgencyInformation Technology Services, Office of

TitleProject Assistant, NS (Equated to SG-23), Ref. #18438

Occupational CategoryI.T. Engineering, Sciences

Salary GradeNS

Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)

Salary RangeFrom $0 to $90876 Annually

Employment Type Full-Time

Appointment Type Temporary

Jurisdictional Class Competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.5

Workday

From 9 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? No

County Albany

Street Address AESOB 80 South Swan Street, Floor 7

City Albany

StateNY

Zip Code12210

Minimum Qualifications Five or more years of experience in Information Security. This experience must include:
• Creating cyber security standards, guidelines and associated procedures.
• Assessing systems and documentation for the complete implementation of necessary security controls through a secure system development life cycle.
• Experience in remediating Cyber Security Risk based on the NIST Special Publication 800-53r4 security framework, which has been adopted by New York State as the minimal best practices for Information Security.

The following degrees, preferably in Information Security, Computer Science, or related field, may substitute for the general experience as indicated:
• Associate’s degree and four years of experience
• Associate’s degree including 15 semester credit hours in computer science or related field and three years of experience
• Bachelor’s degree and three years of experience
• Bachelor’s degree including 15 semester credit hours in computer science or related field and two years of experience
• Master’s degree in computer science or related field substitutes for an additional year of experience
• Doctorate in computer science or related field substitutes for an additional two years of experience

Preferred Qualifications:
• One or more of the following certifications
o (ISC)² Certified Information Systems Security Professional (CISSP)
o Microsoft Certified System Administrator (MCSA)
o Microsoft Certified Desktop Support Technician (MCDST)
• Work well independently as well as part of a team within a fast-paced environment to analyze, design, and deliver rapid solutions
• Communicate effectively with both technical and non-technical individuals to effectively describe and develop user requirements and technical capabilities for stakeholders and developers

Duties Description Under the direction of a Manager Information Technology Services 2, SG29 within the Public Safety Cluster (PSC) Information Security Office (ISO), located in Albany, the Project Assistant will function as the lead Cluster subject matter expert for tracking and facilitation of all PSC Risk Remediation projects, as well as the lead for secure system development lifecycle (SSDLC) activities.
Duties include, but are not limited to, the following:
• Track and facilitate all PSC Risk Remediation projects, which currently include
o Windows Server 2003 end of life remediation
o Application Risk Assessment remediation
o Secure Coding Assessment remediation
o PSC audit of DCJS findings remediation
o Deloitte CJS compliance assessment remediation
• Serve as a subject matter expert regarding all vulnerabilities, risks, and compliance gaps related to PSC Risk Remediation efforts.
o Analyze and prioritize each issue, and provide guidance on how the issues can be successfully eliminated, either directly or through appropriate compensating controls.
• Track and report on risk remediation activities.
o Record in ITSM and SharePoint the status of reducing the risks faced by PSC systems and applications, and generate and distribute regular progress reports to PSC Executive Management, ITS Enterprise Information Security Office, and Agency Risk Officers.
o Analyze the progress made and identify any issues or roadblocks to further progress on a per item basis.
• Guide PSC Agencies with improving their maturity on the National Cyber Security Review (NCSR), used to gauge the effectiveness and completeness of a security control.
o Meet with PSC Agencies and develop a program to raise their maturity level in areas that are lacking, providing additional staff training, and documenting and implementing new procedures.
• Lead PSC secure system development lifecycle activities for new projects
o Serve as a lead ISO resource engaged with multiple PSC projects to maintain compliance with SSDLC requirements.
o Ensure system/application security plans are complete, accurate, and approved by Agency Risk Coordinators.

Additional Comments Some positions require fingerprinting.

Some positions may require additional credentials or a background check to verify your identity.

Name Amy Sacco

Telephone 518-473-0398

Fax 518-402-4924

Email Address HR.Recruitment@its.ny.gov

Address

Street NYS Office of IT Services

Empire State Plaza, PO Box 2062

City Albany

State NY

Zip Code 12220

 

Notes on ApplyingPlease submit a clear, concise cover letter and resume indicating that you are applying for Project Assistant, Ref. #18438 and describing how you meet the minimum qualifications no later than August 27, 2017.

Printable Version