NY HELP No Agency Information Technology Services, Office of Title Manager Information Technology Services 2 Information Security - 9279 Occupational Category I.T. Engineering, Sciences Salary Grade 29 Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF) Salary Range From $118425 to $145039 Annually Employment Type Full-Time Appointment Type Contingent Permanent Jurisdictional Class Non-competitive Class Travel Percentage 0% Workweek Mon-Fri Hours Per Week 37.5 Workday From 8 AM To 5 PM Flextime allowed? No Mandatory overtime? No Compressed workweek allowed? No Telecommuting allowed? Yes County Albany Street Address 31 British American Blvd City Latham State NY Zip Code 12110 Duties Description ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time.These SG29 positions will serve as Senior Security Architects within the areas of Network, Identity and Access Management, Data Center and Shared Platforms, Applications and Development, Cloud, Artificial Intelligence, and Operational Technology. Team members serve as security leads within their area of expertise and also lead or support cross-functional security teams for larger efforts that require technical security expertise in multiple domains. Incumbents are expected to have a broad technical security background and be able to represent the SAE section outside of their area of expertise with the support of senior SAE and CISO staff.1. The SAE Network team includes security architects, engineers, and analysts with specialized knowledge in the areas of network architecture, network security, wireless networks and security, zero trust, and VoIP/telephony. 2. The SAE Identity and Access Management team includes security architects, engineers, and analysts with specialized knowledge in the area of identity platforms and architecture, identity platform security, authentication, access management, active directory, zero trust, and public key infrastructure. 3. The SAE Data Center and Shared Platforms team includes security architects, engineers, and analysts with specialized knowledge in the area of data center architecture and security, virtualization, storage, backup and recovery, servers, mobile & endpoint security, database security, and other enterprise shared platforms. 4. The SAE Applications and Development team within the SAE Section includes security architects, engineers, and analysts with specialized knowledge in the area of application architecture, application security, platform engineering, DevSecOps, and secure software development. 5. The SAE Cloud team includes security architects, engineers, and analysts with specialized knowledge in the area of cloud, multi-cloud, private cloud, and hybrid cloud architectures, virtualization, cloud security, cloud networking, cloud migration and integration, cloud storage, and other cloud services or cloud hosted solutions. 6. The SAE Artificial Intelligence team includes security architects, engineers, and analysts with specialized knowledge in the area of artificial intelligence architecture, AI platforms and services, AI security, machine learning, data analysis, and language models. 7. The SAE Operational Technology team within the SAE Section includes security architects, engineers, and analysts with specialized knowledge in the area of OT network architecture and security, industrial control system (ICS), Supervisory Control and Data Acquisition (SCADA), Internet of Things (IOT), network segmentation, physical security, and zero trust. Under the direction of the Deputy Director of Information Security Engineering within the Chief Information Security Office (CISO)/Information Security Engineering/Secure Architecture and Engineering section, the Manager Information Technology Services 2 (Information Security), SG-29 position will manage one or more Security Architecture teams that provides security services to one or more ITS groups, and other CISO teams. The incumbent will supervise subordinate staff and will act as a team member providing in-depth information security consulting and services aligned with business needs of the ITS and its client agencies to ensure confidentiality, integrity, and availability of information and systems. The position requires an incumbent to act with a great deal of independence in alignment with the Chief Technology Office (CTO) and upper-level CISO management strategic direction. The position requires technical expertise in a broad range of areas to permit working directly with technical teams throughout ITS. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. The incumbent will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Specific duties include, but are not limited to: • Serve as manager of a team responsible for regular meetings with CTO technical teams, to ensure that security is a consideration of the design and operation of CTO systems, in areas such as platforms, identity management, networking, AI, operational technology, and other shared services. • Lead discussions in meetings discussing technical solutions and options regarding new IT systems and proposed changes to IT systems, to ensure that information security issues are recognized and addressed at the design stages. • Manage technical security reviews of systems and architecture in their team’s specific area of expertise and assist as needed in supporting other teams. • Participate in workgroups to develop solutions and standards for IT systems. • Lead and participate in regular meetings with CTO technical teams, to ensure that security is a consideration of the design and operation of CTO systems, in areas such as platforms, identity management, networking, and other shared services. • Serve as an information security expert and evaluate systems and contracts for alignment with agency and State information security policies for systems developed by CTO. • Ensure that all communications, processes, and teams within Information Security Engineering are done in consideration of the operational concerns and workloads of peer teams throughout CISO and CTO, and that staff always maintain the collaborative attitude and open communications required to successfully carry out the mission of CISO and CTO. • Work with other SAE managers to manage the security review process for ITS shared services and applications and collaborate with CTO groups to provide software architectural guidance, training, and support. • Monitor and remain aware of information security industry trends, tools, and techniques. • Provide recommendations for secure/hardened configurations of servers, platforms, networks, and other IT systems. • Perform the full range of supervisory responsibilities. Minimum Qualifications Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance or information technology and five years of information technology experience, including four years of information security or information assurance experience and three years at a supervisory level or one year at a managerial level.* Bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience. Additional Comments Some positions may require fingerprinting. Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview. Positions located in New York City, will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.We are recruiting for 7 positions within this role.Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:Holiday & Paid Time Off• Thirteen (13) paid holidays annually• Up to Thirteen (13) days of paid vacation leave annually• Up to Five (5) days of paid personal leave annually• Up to Thirteen (13) days of paid sick leave annually for PEF.• Up to three (3) days of professional leave annually to participate in professional developmentHealth Care Benefits• Eligible employees and dependents can pick from a variety of affordable health insurance programs• Family dental and vision benefits at no additional costAdditional Benefits• New York State Employees’ Retirement System (ERS) Membership• NYS Deferred Compensation• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds• Public Service Loan Forgiveness (PSLF)• And many more.The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply. Some positions may require additional credentials or a background check to verify your identity. Name ITS Human Resources Telephone 518-473-0398 Fax 518-402-4924 Email Address PostingResponses@its.ny.gov Address Street Empire State Plaza Swan Street Building, Core 4, Floor 1 City Albany State NY Zip Code 12220 Notes on Applying To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.