Information Technology Specialist 4 (Information…
- New York State Civil Service (Latham, NY)
NY HELP No
Agency Attorney General, Office of the
Title Information Technology Specialist 4 (Information Security)
Occupational Category I.T. Engineering, Sciences
Salary Grade 25
Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF)
Salary Range From $96336 to $121413 Annually
Employment Type Full-Time
Appointment Type Permanent
Jurisdictional Class Non-competitive Class
Travel Percentage 10%
Workweek Mon-Fri
Hours Per Week 37.5
Workday
From 8:30 AM
To 5 PM
Flextime allowed? No
Mandatory overtime? No
Compressed workweek allowed? No
Telecommuting allowed? Yes
County Albany
Street Address 10 British American Blvd
City Latham
State NY
Zip Code 12110
Duties Description Under the direction of the Chief Information Security Officer, the Information Technology Specialist 4 (Information Security) will primarily manage incident response. The Information Security Office (ISO) necessitates an incident responder due to the uniquely sensitive nature of its data and the high-profile threats it faces. Incident responders are crucial for swift, decisive action when security breaches occur, minimizing damage and preserving public trust. The ISO handles highly confidential legal and investigative data, making it a prime target for sophisticated cyberattacks. A dedicated incident responder can rapidly assess the scope of a breach, contain its spread, and prevent further data exfiltration. This minimizes potential legal ramifications and protects sensitive information from public disclosure. The evolving threat landscape demands specialized expertise. Incident responders possess the skills to analyze complex attack patterns, identify vulnerabilities, and implement effective remediation strategies. This proactive approach strengthens the ISO’s overall security posture and reduces the likelihood of future incidents.

DUTIES:
• Demonstrate a proactive, strategic approach to cybersecurity, ensuring sensitive data and critical assets of the New York State Office of the Attorney General are safeguarded.
• Prioritize risk mitigation strategies, foreseeing potential threats, and establishing preventive measures that align with organizational objectives.
• Manage sophisticated incident response operations, deploying best practices to identify, analyze, and swiftly mitigate security incidents such as malware infections, data breaches, and unauthorized access to ensure the agency is well-prepared for and resilient against diverse cyber threats.
• Demonstrate operational mastery over Security Information and Event Management (SIEM) platforms like Splunk and LogRhythm, using these tools for effective log analysis, threat detection, and incident investigation, and ensuring quick and accurate responses to threats.
• Manage comprehensive threat hunting operations with deep knowledge of adversarial tactics, techniques, and procedures (TTPs). Leverage threat intelligence feeds and analytical tools to provide proactive threat detection and informed decision-making on security matters.
• Drive automation in threat detection through advanced scripting in PowerShell and Python, optimizing processes for threat hunting and security analysis. Encourage efficiency and precision by integrating tailored scripts that support incident response goals.
• Provide advanced oversight in network and packet analysis, using tools like Wireshark to examine network traffic, detect anomalies, and identify potential security breaches, reinforcing the organization’s defense posture.
• Conduct in-depth security investigations, guiding the identification and analysis of intrusion artifacts and attack patterns.
• Empower colleagues to develop insights from security logs, elevating organizational understanding and responsiveness to security incidents.
• Manage the development and continual improvement of Cybersecurity Incident Response Plans, ensuring they remain relevant and aligned with evolving threats and best practices. Regularly evaluate these plans to adapt to industry trends, organizational changes, and stakeholder expectations.
• Conduct and oversee cybersecurity tabletop exercises, working collaboratively with colleagues to simulate potential incident scenarios. Use outcomes to identify gaps and implement improvements, ensuring the organization’s readiness and responsiveness are continually optimized.
• Maintain a vigilant approach to monitoring the IT infrastructure, instilling a high level of situational awareness across the organization. Drive policies that empower staff to detect and respond to emerging threats, protecting sensitive information and organizational integrity.
• Ensure consistent, clear, and accurate documentation of incident responses, policies, and procedural updates. Model effective communication to management and stakeholders, providing detailed, concise reports that facilitate informed decision-making and enhance overall organizational security posture.
• Hold and maintain industry-leading certifications, including GIAC Certified Incident Handler (GCIH), CompTIA Cybersecurity Analyst+ (CySA+), and GIAC Certified Enterprise Defender (GCED). Foster a culture of continuous professional growth within the team.
• Other duties as assigned.
Minimum Qualifications Bachelor’s degree with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience, at least two years of which are information security or information assurance experience.
OR
A bachelor's degree in any field with at least four years of information technology experience, at least two years of which are information security or information assurance experience.
OR
An associate's degree in any field with six years of general information technology experience at least two of which are information security or information assurance experience.
OR
At least eight years of information security or information assurance experience.

PREFERRED QUALIFICATIONS:
• 7+ years of information security or equivalent combination of work and educational experiences
• In-depth knowledge of Incident response handling, threat intelligence, Information security best practices
• Knowledge of Incident response processes, NIST CSF and other security control frameworks
• Proven knowledge of security (preferred - CISSP, CISA, CISM, GPEN, GWAPT, GCIH, other GIAC certifications, OSCP, CEH, Security+, etc.)
• Understanding of NIST standards, CIS Benchmarks
• Experience utilizing various security tools such as CrowdStrike, Microsoft Defender, Splunk, Tenable (Nessus)
Additional Comments Careers with the State offer multiple benefits including paid vacation leave (13+ days per year), sick leave, paid State holidays off, health insurance including vision & dental, entry into the NYS retirement (pension) system, education and training, eligibility for public student loan forgiveness, and job stability with promotional opportunities. Workplace flexibilities include multiple options for employees including telecommuting (up to two days per week) and alternative work schedules.

Candidates from diverse backgrounds are encouraged to apply. The OAG is an equal opportunity employer and is committed to workplace diversity.

For new State employees appointed to graded positions, the annual salary is the hiring rate (beginning of the Salary Range) of the position. Promotion salaries are calculated by the NYS Office of the State Comptroller in accordance with NYS Civil Service Law, OSC Payroll rules and regulations and negotiated union contracts.
Some positions may require additional credentials or a background check to verify your identity.
Name Human Resources Management Bureau
Telephone 5187762500
Fax
Email Address [email protected]
Address
Street Office of the Attorney General, Human Resources Management Bureau
The Capitol
City Albany
State NY
Zip Code 12224
Notes on Applying Please send your cover letter and resume that includes a statement on how you meet the minimum qualifications for the position to [email protected]. Please include Vacancy ID # for prompt routing and review.

For more information about the OAG, please visit our website: www.ag.ny.gov.