Junior Red Team Analyst /Information Technology Specialist 3 (Information Security), ref 2881-8R
TBD, New York
Employer: StateJobsNY
Industry: I.T. Engineering, Sciences
Salary: Competitive
Job type: Full-Time
Bachelor's degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and two years of information technology experience, including one year of information security or information assurance experience**.
* Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
** Experience solely in information security or information assurance may substitute for the general information technology experience.
Preferred Qualifications:
• Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 2+ years' experience in technical writing
• 1+ years' experience in the following areas:
o Penetration testing and applying offensive security techniques.
o Computer programming and web application development.
o Developing scripts and code to exploit weakness in computer systems.
o IT systems administration.
o Support and management of computer networks, intrusion detection systems, routers, firewalls, operating systems.
o Conducting web application and network vulnerability assessments.
o Applying and implementing network and/or system security.
o Information security incident response.
o Cyber digital forensics.
o Log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o Using SIEM technologies to support in-depth investigations
o Using computer security investigation tools (e.g. FTK).
• Working knowledge of:
o Government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
Duties Description Under the direction and support of senior team members within the CISO/Integrated Cyber Command Center/Red Team, the position will be a member of the team that is responsible for advanced security testing of systems and applications, support and management of the secure lab environment, and the automation of processes within the Cyber Command Center. The incumbent will assist in security reviews, perform penetration testing using "offensive security" and other techniques that are often employed by an adversary. The incumbent will also participate in the automation of CyCom processes, the management and support of the CyCom secure lab environment, and the development of cyber security training materials.
The ideal candidate would have experience with cyber security, offensive security, penetration testing, computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerabilities, and web application vulnerabilities. Other desirable skills include computer programming, scripting, databases, database queries, and reporting. Excellent written and verbal communication skills are essential.
This position requires off-shift work on an ad-hoc basis and occasional travel.
Duties include, but are not limited to:
• Assist with the management and support the CyCom secure lab environment, including all hardware, software, and networking.
• Assist with advanced computer security testing of systems and applications for ITS and its client agencies using specialize testing tools, techniques, and procedures.
• Assist with the creation technical reports with both deep technical details and executive summary information.
• Participate in the development and improvement of CyCom automation activities.
• Create training materials and standard operating procedures for the Red Team.
• Assist the Cyber Incident Response Team with digital forensics and incident response activities, as needed.
• Perform the full range of supervisory responsibilities and additional duties, as assigned.
Additional Comments Additional details on work shift will be discussed at time of interview.
Background check and fingerprinting are required.
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
Additional Benefits
• New York State Employees' Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.
Some positions may require additional credentials or a background check to verify your identity.
Name Charlene Maroni
Telephone 518-473-0398
Fax 518-402-4924
Email Address PostingResponses@its.ny.gov
Address
Street Office of Information Technology Services
Human Resources Services - Swan Street Building, Core 4, Floor 1
City Albany
State NY
Zip Code 12242
Notes on Applying To apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security), Ref #2881-8R. Please include the Posting ID and clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required in order to confirm eligibility.
Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.
* Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience.
** Experience solely in information security or information assurance may substitute for the general information technology experience.
Preferred Qualifications:
• Bachelor's Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
• Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
• 2+ years' experience in technical writing
• 1+ years' experience in the following areas:
o Penetration testing and applying offensive security techniques.
o Computer programming and web application development.
o Developing scripts and code to exploit weakness in computer systems.
o IT systems administration.
o Support and management of computer networks, intrusion detection systems, routers, firewalls, operating systems.
o Conducting web application and network vulnerability assessments.
o Applying and implementing network and/or system security.
o Information security incident response.
o Cyber digital forensics.
o Log analysis (e.g., firewall logs, DNS logs, proxy logs, IPS/IDS logs)
o Using SIEM technologies to support in-depth investigations
o Using computer security investigation tools (e.g. FTK).
• Working knowledge of:
o Government security and privacy mandates/regulatory compliance (e.g., HIPAA, PCI, IRS Pub 1075, CJIS)
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
o Information Security Frameworks (NIST Cyber Security Framework, CIS Controls, ISO 2700 series)
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
• Demonstrated critical thinking, problem solving and analytical skills
Duties Description Under the direction and support of senior team members within the CISO/Integrated Cyber Command Center/Red Team, the position will be a member of the team that is responsible for advanced security testing of systems and applications, support and management of the secure lab environment, and the automation of processes within the Cyber Command Center. The incumbent will assist in security reviews, perform penetration testing using "offensive security" and other techniques that are often employed by an adversary. The incumbent will also participate in the automation of CyCom processes, the management and support of the CyCom secure lab environment, and the development of cyber security training materials.
The ideal candidate would have experience with cyber security, offensive security, penetration testing, computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerabilities, and web application vulnerabilities. Other desirable skills include computer programming, scripting, databases, database queries, and reporting. Excellent written and verbal communication skills are essential.
This position requires off-shift work on an ad-hoc basis and occasional travel.
Duties include, but are not limited to:
• Assist with the management and support the CyCom secure lab environment, including all hardware, software, and networking.
• Assist with advanced computer security testing of systems and applications for ITS and its client agencies using specialize testing tools, techniques, and procedures.
• Assist with the creation technical reports with both deep technical details and executive summary information.
• Participate in the development and improvement of CyCom automation activities.
• Create training materials and standard operating procedures for the Red Team.
• Assist the Cyber Incident Response Team with digital forensics and incident response activities, as needed.
• Perform the full range of supervisory responsibilities and additional duties, as assigned.
Additional Comments Additional details on work shift will be discussed at time of interview.
Background check and fingerprinting are required.
Benefits of Working for NYS
Generous benefits package, worth 65% of salary, including:
• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development
Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
Additional Benefits
• New York State Employees' Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.
Some positions may require additional credentials or a background check to verify your identity.
Name Charlene Maroni
Telephone 518-473-0398
Fax 518-402-4924
Email Address PostingResponses@its.ny.gov
Address
Street Office of Information Technology Services
Human Resources Services - Swan Street Building, Core 4, Floor 1
City Albany
State NY
Zip Code 12242
Notes on Applying To apply, please submit a resume and cover letter indicating that you are applying for the Information Technology Specialist 3 (Information Security), Ref #2881-8R. Please include the Posting ID and clearly indicate how you meet the minimum qualifications for this position. Your Social Security number may be required in order to confirm eligibility.
Some positions may require additional credentials or a background check to verify your identity. Selected candidates who are new or returning to NYS service may be required to pay for fingerprinting fees. New York State is an equal opportunity employer.
Created: 2024-06-18
Reference: 160998
Country: United States
State: New York
City: TBD