Manager Information Technology Services 1 (Information Security) Ref #18787/18789R

Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.

• Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications

o Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
o Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
o 4 years’ experience in technical writing
o 3 years’ experience in the following areas:
o penetration testing and applying offensive security techniques.
o computer programming and web application development.
o developing scripts and code to exploit weakness in computer systems.
o IT systems administration.
o support and management of computer networks, intrusion detection systems, routers, firewalls, operating systems.
o conducting web application and network vulnerability assessments.
o applying and implementing network and/or system security.
o information security incident response.
o cyber digital forensics.
o log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o using SIEM technologies to support in-depth investigations
o using computer security investigation tools (e.g. FTK).
o 2 years’ experience leading a technical team in related work
Working knowledge of:
o government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
o Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
o Demonstrated critical thinking, problem solving and analytical skills

Under the direction of senior team members within the Chief Information Security Office/Integrated Security Services/Information Security Engineering section, the position will lead a team that provides security services to areas within ITS. The incumbent will lead their team in providing in-depth and highly technical information security consulting and services focused on the enterprise services ITS provides to ensure confidentiality, integrity, and availability of these systems.

The position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent must be able to communicate clearly with subordinate staff regarding work priorities and performance. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.

The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.

Specific duties include, but are not limited to:

• Leading detailed technical security reviews of systems and architecture.
• Reviewing risks in new and existing system designs and architecture and presenting information about these risks to other units in CISO.
• Participating in workgroups to develop solutions and standards for IT systems.
• Providing recommendations for secure/hardened configurations of servers, platforms, networks, and other IT systems.
• Managing and resolving security threats to agency information systems.
• Serving as information security expert and evaluating systems and contracts for alignment with agency and State information security policies; and assist with development and maintenance of these policies.
• Managing staff and resources dedicated to the team.
• Monitoring and maintaining awareness of information security industry trends, tools and techniques.
• In addition:

o Maintaining an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security;
o Assisting CISO management with overall management of division activities as needed;
o Performing additional duties as required.