Manager Information Technology Services 1 (Information Security) Ref:JSOC 18860-18861
Under the direction and support of higher-level team members within the Joint Security Operations Center (JSOC), the incumbent will be responsible for the oversight and coordination of JSOC operations across multiple teams. The incumbent will participate in and manage efforts in conducting investigations of cyber security events reported by state and local government entities and other sources. Event response efforts include incident identification, assessment, quantification, reporting, communication, and monitoring. The candidate is responsible to provide investigation of correlated security event feeds and the appropriate triage, escalation, and coordination with other JSOC team members. The incumbent will participate in the technical and process direction of the JSOC, provide direction to analysts, and act as a liaison to other teams within NYS. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. Due to the necessary technical support duties of this position in a 24/7 operation, the incumbent may be required to work various shifts such as weekends and/or nights/evenings. Specific duties include, but are not limited to:
o Function as a shift manager in the JSOC, supporting and coordinating the efforts across multiple teams. o Identify trends in security alerts and cyber threats from a Statewide perspective. o Provide support and direction to all JSOC teams. o Maintain schedules and shift assignments effectively to ensure JSOC staffing needs are met. o Oversee the efforts related to security event monitoring and response including analysis and escalation of cyber events activities. o Identify and communicate trends within the JSOC intelligence and activity, escalating appropriately to stakeholders and management. o Conduct team and shift turnover activities to ensure continuity of operations throughout the JSOC. o Ensure that events are tracked and documented throughout the process. o Oversee technical delivery, assessing and continually improving output and ensuring processes developed and adhered to drive operational excellence. o Responsible for the development and maintenance of escalation procedures and workflows. o Ensure that Standard Operating Procedures are being created and followed by the teams. o Create technical reports and executive summaries related to cyber security incidents and events o Develop and deliver presentations regarding emerging cyber threats as needed o Provide detailed metrics reports for executive management. o Provide training, guidance, and act as a mentor to subordinate team members. o Perform the full range of administrative supervisory responsibilities, including performance evaluations, time sheet approval, etc.
Job Function
Under the direction and support of higher-level team members within the Joint Security Operations Center (JSOC), the incumbent will be responsible for the oversight and coordination of JSOC operations across multiple teams. The incumbent will participate in and manage efforts in conducting investigations of cyber security events reported by state and local government entities and other sources. Event response efforts include incident identification, assessment, quantification, reporting, communication, and monitoring. The candidate is responsible to provide investigation of correlated security event feeds and the appropriate triage, escalation, and coordination with other JSOC team members. The incumbent will participate in the technical and process direction of the JSOC, provide direction to analysts, and act as a liaison to other teams within NYS. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. Due to the necessary technical support duties of this position in a 24/7 operation, the incumbent may be required to work various shifts such as weekends and/or nights/evenings. Specific duties include, but are not limited to:
o Function as a shift manager in the JSOC, supporting and coordinating the efforts across multiple teams. o Identify trends in security alerts and cyber threats from a Statewide perspective. o Provide support and direction to all JSOC teams. o Maintain schedules and shift assignments effectively to ensure JSOC staffing needs are met. o Oversee the efforts related to security event monitoring and response including analysis and escalation of cyber events activities. o Identify and communicate trends within the JSOC intelligence and activity, escalating appropriately to stakeholders and management. o Conduct team and shift turnover activities to ensure continuity of operations throughout the JSOC. o Ensure that events are tracked and documented throughout the process. o Oversee technical delivery, assessing and continually improving output and ensuring processes developed and adhered to drive operational excellence. o Responsible for the development and maintenance of escalation procedures and workflows. o Ensure that Standard Operating Procedures are being created and followed by the teams. o Create technical reports and executive summaries related to cyber security incidents and events o Develop and deliver presentations regarding emerging cyber threats as needed o Provide detailed metrics reports for executive management. o Provide training, guidance, and act as a mentor to subordinate team members. o Perform the full range of administrative supervisory responsibilities, including performance evaluations, time sheet approval, etc.
Salary Range:
From $97826 to $120492 Annually
Minimum Qualification
Bachelor's degree with at least 15 credit hours in cyber security, information assurance or information technology and five years of information technology experience, including four years of information security or information assurance experience and three years at a supervisory level or one year at a managerial level. Note:
bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience. Preferred
Qualifications:
o Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field o Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH) o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR) o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA) o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT) o Certificate in Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO) o Certified Information Systems Security Professional (CISSP) o 4
years' experience in technical writing. o 3
years' experience in the following areas:
o Leading a team in related work. o Applying and implementing network and/or system security. o Information security incident response. o Cyber digital forensics. o Log analysis (e.g. firewall logs, DNS logs, proxy logs, IDS/IPS logs) o Using SIEM technologies to support in-depth investigations. o Using computer security investigation tools (e.g. FTK) Working knowledge of:
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting o network security solutions (e.g., intrusion detection/prevention systems, firewalls) o system administration o vulnerability management o computer programming and scripting o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering) o Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding o Demonstrated critical thinking, problem solving and analytical skills.Estimated Salary: $20 to $28 per hour based on qualifications.
o Function as a shift manager in the JSOC, supporting and coordinating the efforts across multiple teams. o Identify trends in security alerts and cyber threats from a Statewide perspective. o Provide support and direction to all JSOC teams. o Maintain schedules and shift assignments effectively to ensure JSOC staffing needs are met. o Oversee the efforts related to security event monitoring and response including analysis and escalation of cyber events activities. o Identify and communicate trends within the JSOC intelligence and activity, escalating appropriately to stakeholders and management. o Conduct team and shift turnover activities to ensure continuity of operations throughout the JSOC. o Ensure that events are tracked and documented throughout the process. o Oversee technical delivery, assessing and continually improving output and ensuring processes developed and adhered to drive operational excellence. o Responsible for the development and maintenance of escalation procedures and workflows. o Ensure that Standard Operating Procedures are being created and followed by the teams. o Create technical reports and executive summaries related to cyber security incidents and events o Develop and deliver presentations regarding emerging cyber threats as needed o Provide detailed metrics reports for executive management. o Provide training, guidance, and act as a mentor to subordinate team members. o Perform the full range of administrative supervisory responsibilities, including performance evaluations, time sheet approval, etc.
Job Function
Under the direction and support of higher-level team members within the Joint Security Operations Center (JSOC), the incumbent will be responsible for the oversight and coordination of JSOC operations across multiple teams. The incumbent will participate in and manage efforts in conducting investigations of cyber security events reported by state and local government entities and other sources. Event response efforts include incident identification, assessment, quantification, reporting, communication, and monitoring. The candidate is responsible to provide investigation of correlated security event feeds and the appropriate triage, escalation, and coordination with other JSOC team members. The incumbent will participate in the technical and process direction of the JSOC, provide direction to analysts, and act as a liaison to other teams within NYS. The position requires communicating orally and in writing with various individuals including management, users, vendors, and other IT staff. Due to the necessary technical support duties of this position in a 24/7 operation, the incumbent may be required to work various shifts such as weekends and/or nights/evenings. Specific duties include, but are not limited to:
o Function as a shift manager in the JSOC, supporting and coordinating the efforts across multiple teams. o Identify trends in security alerts and cyber threats from a Statewide perspective. o Provide support and direction to all JSOC teams. o Maintain schedules and shift assignments effectively to ensure JSOC staffing needs are met. o Oversee the efforts related to security event monitoring and response including analysis and escalation of cyber events activities. o Identify and communicate trends within the JSOC intelligence and activity, escalating appropriately to stakeholders and management. o Conduct team and shift turnover activities to ensure continuity of operations throughout the JSOC. o Ensure that events are tracked and documented throughout the process. o Oversee technical delivery, assessing and continually improving output and ensuring processes developed and adhered to drive operational excellence. o Responsible for the development and maintenance of escalation procedures and workflows. o Ensure that Standard Operating Procedures are being created and followed by the teams. o Create technical reports and executive summaries related to cyber security incidents and events o Develop and deliver presentations regarding emerging cyber threats as needed o Provide detailed metrics reports for executive management. o Provide training, guidance, and act as a mentor to subordinate team members. o Perform the full range of administrative supervisory responsibilities, including performance evaluations, time sheet approval, etc.
Salary Range:
From $97826 to $120492 Annually
Minimum Qualification
Bachelor's degree with at least 15 credit hours in cyber security, information assurance or information technology and five years of information technology experience, including four years of information security or information assurance experience and three years at a supervisory level or one year at a managerial level. Note:
bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience. Preferred
Qualifications:
o Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field o Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH) o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR) o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA) o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT) o Certificate in Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO) o Certified Information Systems Security Professional (CISSP) o 4
years' experience in technical writing. o 3
years' experience in the following areas:
o Leading a team in related work. o Applying and implementing network and/or system security. o Information security incident response. o Cyber digital forensics. o Log analysis (e.g. firewall logs, DNS logs, proxy logs, IDS/IPS logs) o Using SIEM technologies to support in-depth investigations. o Using computer security investigation tools (e.g. FTK) Working knowledge of:
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting o network security solutions (e.g., intrusion detection/prevention systems, firewalls) o system administration o vulnerability management o computer programming and scripting o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering) o Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding o Demonstrated critical thinking, problem solving and analytical skills.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
