Manager Information Technology Services 1 (Information Security)
The Information Technology Bureau (IT) within the Office of the New York State Attorney General is seeking a Manager Information Technology Services 1 (Information Security) to function as the IT Security Operations (SecOps) Manager. The SecOps team is responsible for developing, advancing and ensuring a secure technology infrastructure and operations through ongoing review and implementation of best practices, standards and policies. The position is a non-competitive Civil Service position, the bargaining unit is PEF. This position will be in Latham. Key Responsibilities for this position include:
o Under the guidance of the Director of Infrastructure & Operations, directs and manages the implementation of OAG's information security, data privacy/risk, and all associated and integrated compliance programs. o Manages and resolves security threats to agency information systems and data privacy/risk. o Handles information security and data privacy/risk incident responses and develops best practices and training for all agency staff. o Serves as an internal and external information security and data privacy/risk experts for Executive Management, all Departments, and all customers. o Evaluates systems and contracts for alignment with State and agency information security policies and standards. o Manages all staff, OAG resources and internal controls dedicated to information security and data privacy/risk. o Performs all other duties/responsibilities in which there is a nexus to appropriate laws, rules, and regulations. This is considered an essential position and will be expected to be available to manage operational activities or respond to related incidents as needed. Some travel should be anticipated.
Job Function
The Information Technology Bureau (IT) within the Office of the New York State Attorney General is seeking a Manager Information Technology Services 1 (Information Security) to function as the IT Security Operations (SecOps) Manager. The SecOps team is responsible for developing, advancing and ensuring a secure technology infrastructure and operations through ongoing review and implementation of best practices, standards and policies. The position is a non-competitive Civil Service position, the bargaining unit is PEF. This position will be in Latham. Key Responsibilities for this position include:
o Under the guidance of the Director of Infrastructure & Operations, directs and manages the implementation of OAG's information security, data privacy/risk, and all associated and integrated compliance programs. o Manages and resolves security threats to agency information systems and data privacy/risk. o Handles information security and data privacy/risk incident responses and develops best practices and training for all agency staff. o Serves as an internal and external information security and data privacy/risk experts for Executive Management, all Departments, and all customers. o Evaluates systems and contracts for alignment with State and agency information security policies and standards. o Manages all staff, OAG resources and internal controls dedicated to information security and data privacy/risk. o Performs all other duties/responsibilities in which there is a nexus to appropriate laws, rules, and regulations. This is considered an essential position and will be expected to be available to manage operational activities or respond to related incidents as needed. Some travel should be anticipated.
Salary Range:
From $97826 to $120492 Annually
Minimum Qualification
Qualifications:
o Bachelor's degree with at least 15 credit hours in cyber security, information assurance or information technology. o Four years of information technology experience, including three years of information security or information assurance experience. o Two years at a supervisory level. Note:
bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience. The following preferred qualifications are a plus:
o CISSP, SSCP or Security
certification o Security Certifications in Cisco, Microsoft Azure or other related industry platforms o 4
years of experience with security operations center functions and tools such as, but not limited to, SIEM, CrowdStrike, Tenable, LogRhythm, Splunk, Forescout CounterAct, Microsoft Defender, SolarWinds, Proofpoint, CASB o 5
years of experience with securing Microsoft Active Directory and Microsoft 365 at the G5 level o 4 or more years of equivalent Information Security analyst or systems security administrator experience o Ability to work independently with a high degree of accountability o Bachelor's degree in Computer Science, Information Security or related field o Knowledge of Project Management Techniques o 4 or more years of experience implementing security across a variety of operating systems such as Windows server/desktop, Linux, Mobile devices and related applications o 3 or more years of experience securing different database systems such as SQL and Oracle o 4 or more years of experience supporting segmented network infrastructures including switches, routers, firewalls and wireless, preferably in a wide-area-network environment o Ability to analyze complex situations and provide solutions o Ability to effectively and efficiently plan activities and manage time sensitive deliverables o Ability to work effectively with employees at all levels within the organization o Excellent attention to detail o Experience with a ticketing system such as ServiceNow o The ability to react quickly to shifting priorities o Excellent communication and interpersonal skills o Technical writing and communication experience o Experience working on and supporting enterprise systems.Estimated Salary: $20 to $28 per hour based on qualifications.
o Under the guidance of the Director of Infrastructure & Operations, directs and manages the implementation of OAG's information security, data privacy/risk, and all associated and integrated compliance programs. o Manages and resolves security threats to agency information systems and data privacy/risk. o Handles information security and data privacy/risk incident responses and develops best practices and training for all agency staff. o Serves as an internal and external information security and data privacy/risk experts for Executive Management, all Departments, and all customers. o Evaluates systems and contracts for alignment with State and agency information security policies and standards. o Manages all staff, OAG resources and internal controls dedicated to information security and data privacy/risk. o Performs all other duties/responsibilities in which there is a nexus to appropriate laws, rules, and regulations. This is considered an essential position and will be expected to be available to manage operational activities or respond to related incidents as needed. Some travel should be anticipated.
Job Function
The Information Technology Bureau (IT) within the Office of the New York State Attorney General is seeking a Manager Information Technology Services 1 (Information Security) to function as the IT Security Operations (SecOps) Manager. The SecOps team is responsible for developing, advancing and ensuring a secure technology infrastructure and operations through ongoing review and implementation of best practices, standards and policies. The position is a non-competitive Civil Service position, the bargaining unit is PEF. This position will be in Latham. Key Responsibilities for this position include:
o Under the guidance of the Director of Infrastructure & Operations, directs and manages the implementation of OAG's information security, data privacy/risk, and all associated and integrated compliance programs. o Manages and resolves security threats to agency information systems and data privacy/risk. o Handles information security and data privacy/risk incident responses and develops best practices and training for all agency staff. o Serves as an internal and external information security and data privacy/risk experts for Executive Management, all Departments, and all customers. o Evaluates systems and contracts for alignment with State and agency information security policies and standards. o Manages all staff, OAG resources and internal controls dedicated to information security and data privacy/risk. o Performs all other duties/responsibilities in which there is a nexus to appropriate laws, rules, and regulations. This is considered an essential position and will be expected to be available to manage operational activities or respond to related incidents as needed. Some travel should be anticipated.
Salary Range:
From $97826 to $120492 Annually
Minimum Qualification
Qualifications:
o Bachelor's degree with at least 15 credit hours in cyber security, information assurance or information technology. o Four years of information technology experience, including three years of information security or information assurance experience. o Two years at a supervisory level. Note:
bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience. The following preferred qualifications are a plus:
o CISSP, SSCP or Security
certification o Security Certifications in Cisco, Microsoft Azure or other related industry platforms o 4
years of experience with security operations center functions and tools such as, but not limited to, SIEM, CrowdStrike, Tenable, LogRhythm, Splunk, Forescout CounterAct, Microsoft Defender, SolarWinds, Proofpoint, CASB o 5
years of experience with securing Microsoft Active Directory and Microsoft 365 at the G5 level o 4 or more years of equivalent Information Security analyst or systems security administrator experience o Ability to work independently with a high degree of accountability o Bachelor's degree in Computer Science, Information Security or related field o Knowledge of Project Management Techniques o 4 or more years of experience implementing security across a variety of operating systems such as Windows server/desktop, Linux, Mobile devices and related applications o 3 or more years of experience securing different database systems such as SQL and Oracle o 4 or more years of experience supporting segmented network infrastructures including switches, routers, firewalls and wireless, preferably in a wide-area-network environment o Ability to analyze complex situations and provide solutions o Ability to effectively and efficiently plan activities and manage time sensitive deliverables o Ability to work effectively with employees at all levels within the organization o Excellent attention to detail o Experience with a ticketing system such as ServiceNow o The ability to react quickly to shifting priorities o Excellent communication and interpersonal skills o Technical writing and communication experience o Experience working on and supporting enterprise systems.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
