Information Technology Specialist 4 Information Security - 11198
NYS Office of Information Technology Services, Albany, NY, United States
Overview
Under the direction of senior team members within the Chief Information Security Office (CISO)/Cybersecurity Governance & Compliance (CGC)/Governance & Compliance (GC) Section, the incumbent will participate in the development and implementation of the Chief Information Security Office’s Policy Review Program. The Program supports the development and maintenance of statewide information security policies, standards, and guidelines to protect New York State information assets. The Governance & Compliance section also reviews policy exception requests, assesses requests for security information during internal and external audits, and collaborates with ITS and other State entities to ensure compliance with all State and Federal standards. The candidate will be the lead representative from CISO supporting internal and external audit assessments and will work to promote cybersecurity awareness and information security best practices.
The position requires communicating orally and in writing with management, users, vendors, and other IT staff. The position will be part of the CISO Incident Response program and may require availability during off-shift hours to ensure an appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.
Responsibilities
Collaborate on the development and maintenance of statewide information security policies, standards, processes, and procedures that meet current and future NYS business needs.
Lead the team in managing the influx of audit artifacts that must be assessed by CISO to determine appropriate redactions of sensitive data based on risk, policies, and confidentiality requirements, in compliance with the agency\'s audit response procedures.
Assist during internal and external audits by providing accurate and comprehensive documentation related to information security policies and standards and policy exceptions.
Act as a Policy and Audit SME within CISO, supporting other bureaus and sections to understand NYS policies and standards and respond to requests for audit artifact reviews.
Identify opportunities to streamline and improve the section’s policy review and audit support processes, tools, and documentation. Develop and update procedural documentation related to audit artifact review criteria.
Consult with State Entities regarding interpretation and assessments of requested audit artifacts.
Participate in the security exception review process for NYS Policy and Standard compliance.
Perform the full range of supervisory responsibilities.
Perform additional duties as required.
Qualifications
Minimum Qualifications
Information Technology Specialist 4 (Information Security)
Non-competitive: six years of information technology, cybersecurity, or information assurance experience, including one year at the supervisory level.
Substitutions: A bachelor’s or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master’s degree or higher in computer science or related field substitutes for one year of required experience.
Additional Information
Additional Comments
ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or permanent residence. Some positions may require fingerprinting. Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview. If eligible, positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.
Benefits
Holiday & Paid Time Off: Thirteen (13) paid holidays annually; up to Thirteen (13) days of paid vacation leave annually; up to Five (5) days of paid personal leave annually; up to Thirteen (13) days of paid sick leave annually for PEF; up to three (3) days of professional leave annually for professional development.
Health Care Benefits: Eligible employees and dependents can pick from a variety of affordable health insurance programs; family dental and vision benefits at no additional cost.
Additional Benefits: New York State Employees’ Retirement System (ERS) Membership; NYS Deferred Compensation; access to NY 529 and NY ABLE College Savings Programs, U.S. Savings Bonds; Public Service Loan Forgiveness (PSLF); and more.
The Office of Information Technology Services is an equal opportunity employer, and diversity in the workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
#J-18808-Ljbffr
Under the direction of senior team members within the Chief Information Security Office (CISO)/Cybersecurity Governance & Compliance (CGC)/Governance & Compliance (GC) Section, the incumbent will participate in the development and implementation of the Chief Information Security Office’s Policy Review Program. The Program supports the development and maintenance of statewide information security policies, standards, and guidelines to protect New York State information assets. The Governance & Compliance section also reviews policy exception requests, assesses requests for security information during internal and external audits, and collaborates with ITS and other State entities to ensure compliance with all State and Federal standards. The candidate will be the lead representative from CISO supporting internal and external audit assessments and will work to promote cybersecurity awareness and information security best practices.
The position requires communicating orally and in writing with management, users, vendors, and other IT staff. The position will be part of the CISO Incident Response program and may require availability during off-shift hours to ensure an appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS.
Responsibilities
Collaborate on the development and maintenance of statewide information security policies, standards, processes, and procedures that meet current and future NYS business needs.
Lead the team in managing the influx of audit artifacts that must be assessed by CISO to determine appropriate redactions of sensitive data based on risk, policies, and confidentiality requirements, in compliance with the agency\'s audit response procedures.
Assist during internal and external audits by providing accurate and comprehensive documentation related to information security policies and standards and policy exceptions.
Act as a Policy and Audit SME within CISO, supporting other bureaus and sections to understand NYS policies and standards and respond to requests for audit artifact reviews.
Identify opportunities to streamline and improve the section’s policy review and audit support processes, tools, and documentation. Develop and update procedural documentation related to audit artifact review criteria.
Consult with State Entities regarding interpretation and assessments of requested audit artifacts.
Participate in the security exception review process for NYS Policy and Standard compliance.
Perform the full range of supervisory responsibilities.
Perform additional duties as required.
Qualifications
Minimum Qualifications
Information Technology Specialist 4 (Information Security)
Non-competitive: six years of information technology, cybersecurity, or information assurance experience, including one year at the supervisory level.
Substitutions: A bachelor’s or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master’s degree or higher in computer science or related field substitutes for one year of required experience.
Additional Information
Additional Comments
ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or permanent residence. Some positions may require fingerprinting. Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview. If eligible, positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.
Benefits
Holiday & Paid Time Off: Thirteen (13) paid holidays annually; up to Thirteen (13) days of paid vacation leave annually; up to Five (5) days of paid personal leave annually; up to Thirteen (13) days of paid sick leave annually for PEF; up to three (3) days of professional leave annually for professional development.
Health Care Benefits: Eligible employees and dependents can pick from a variety of affordable health insurance programs; family dental and vision benefits at no additional cost.
Additional Benefits: New York State Employees’ Retirement System (ERS) Membership; NYS Deferred Compensation; access to NY 529 and NY ABLE College Savings Programs, U.S. Savings Bonds; Public Service Loan Forgiveness (PSLF); and more.
The Office of Information Technology Services is an equal opportunity employer, and diversity in the workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
#J-18808-Ljbffr