NY HELP No Agency Homeland Security and Emergency Services, Division of Title Information Technology Specialist 4 (Information Security) Occupational Category Other Professional Careers Salary Grade 25 Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF) Salary Range From $96336 to $121413 Annually Employment Type Full-Time Appointment Type Contingent Permanent Jurisdictional Class Non-competitive Class Travel Percentage 20% Workweek Mon-Fri Hours Per Week 37.5 Workday From 8 AM To 5 PM Flextime allowed? No Mandatory overtime? No Compressed workweek allowed? No Telecommuting allowed? Yes County Albany Street Address 1220 Washington Ave Building 7A City Albany State NY Zip Code 12226 Duties Description The incumbent of this position will report to the Cyber Incident Response Team within the Office of Counter Terrorism. Duties include but are not limited to the following: •Serve as a subject matter expert in cybersecurity incident response. •Provide cyber incident response support, including digital forensics and root cause analysis, for confirmed actionable incidents such as detected cyber-attacks, malware infections, or ransomware events. •Determine root cause(s) of a cyber incident and provide affected entities with actionable recommendations to contain, eradicate, and mitigate threats. •Respond to reported cyber incidents swiftly and ensure all incidents are documented accurately in the tracking system in a timely manner. •Escalate and brief leadership on cyber incidents, especially those that could have an impact to health, safety, and state operations. •Maintain clear and consistent communication with cyber partners across New York State throughout the incident response process. •Use incident data to identify specific vulnerabilities and provide recommendations to help strengthen the affected entities security posture and prevent future threats. •Continuously develop, review, and update digital forensics and incident response policies, procedures, and user guides to support program growth and improvement. •Manage the digital forensics and incident response lab functions, including managing tools, resources, and workflows to stay current and prepared. •Effectively communicate cybersecurity details and technical analysis to audiences within an organization to ensure appropriate actions are taken by decision-makers. •Communicate cyber threats and vulnerabilities clearly and concisely, both verbally and in writing, to state and local officials, ensuring they are informed and able to take appropriate action. •Maintain up-to-date technical knowledge of cybersecurity issues and emerging trends to stay ahead of potential risks and support proactive security development. •Assist in developing and distributing actionable strategic, technical, and tactical cyber information and intelligence to non-executive agencies, local governments, and public authorities through weekly, monthly, or ad hoc reports, briefings, and presentations. •Support cybersecurity meetings, presentations, seminars, etc., to foster information-sharing and raise awareness across relevant stakeholders. •Support training exercises targeting non-executive agencies, local governments, and public authorities focusing on cybersecurity best practices. •Support the adjacent DHSES CIRT cyber programs and ad-hoc initiatives. •Occasional travel may be required (no more than 20%), including evening and weekends, depending on mission and assignment. ·Possession and maintenance of a valid Driver's License issued by the Department of Motor Vehicle is required or otherwise demonstrate the capacity to meet the transportation needs of the position. Minimum Qualifications NON-COMPETITIVEBachelor's degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience including two years of information security or information assurance experience**. *Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate degree requires an additional two years of general information technology experience. **Experience solely in information security or information assurance may substitute for the general information technology experience.Desired Certifications:•SANS GIAC Certified Incident Hander (GCIH), Global Certified Forensic Analyst (GCFA), Global Certified Forensic Examiner (GCFE), GIAC Cloud Forensics Responder (GCFR), GIAC Enterprise Incident Response (GEIR), Global Network Forensic Analysis (GNFA), Global Information Assurance Penetration Tester (GPEN), GIAC Reverse Engineering Malware (GREM), GIAC Web Application Penetration Tester (GWAPT). Additional Comments NOTE: Support of operations during times of emergency and disaster from State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.NOTE ON TELECOMMUTING: Employees are required to apply and obtain approval through management to telecommute according to the agency’s Telecommuting Program Guidelines. Some positions may require additional credentials or a background check to verify your identity. Name Human Resources/SB Telephone 518-486-5700 Fax 518-486-8432 Email Address HRresumes@dhses.ny.gov Address Street NYS Division of Homeland Security and Emergency Services, HRM 1220 Washington Ave., Building 7A City Albany State NY Zip Code 12226 Notes on Applying Please submit a resume and cover letter detailing how you meet the minimum qualifications. Indicate the Position Title & Vacancy ID 193635 in the subject line of your application email to HRresumes@dhses.ny.gov.