What are the responsibilities and job description for the Manager Information Technology Services 2 (Information Security) position at Department of Homeland Security?
The duties that the incumbent of the vacancy will be expected to perform.

Duties Description

The incumbent will report to the Cyber Incident Response (CIRT) Team in the Office of Counter Terrorism (OCT). Duties include but are not limited to:

• Manage, document, participate, and oversee the DHSES Cyber Incident Response Team (CIRT) and incident response program.
• Perform and oversee digital forensics, vulnerability scanning, and root cause analysis efforts.
• Effectively communicate cyber security details and technical analysis to varied audiences (e.g., IT workers, leadership) within an organization.
• Oversee and participate in drafting of incident reports and serve as a senior editor ensuring reports are both technically accurate and well-written.
• Oversee the development and distribution of actionable strategic, technical, and tactical cyber information and intelligence to non-executive agencies, local governments, and public authorities through weekly, monthly, or ad hoc reports, briefings, and presentations.
• Collect, analyze, and report on technical cyber security issues and emerging trends impacting state and local agencies.
• Lead and facilitate stakeholders’ participation in technical cyber security meetings, presentations, trainings, seminars, etc., to foster information-sharing and enhance awareness.
• Serve as primary point of contact for an affected agency during a cyber incident.
• Oversee the team responsible for determining root causes of a cyber incident and work with affected agencies to implement efficient remediation plans.
• Utilize incident data to identify specific vulnerabilities and make recommendations for cyber maturity improvements.
• Utilize incident data to develop new CIRT technical programs and products to improve the cyber maturity posture on non-Executive agencies, local governments, and public authorities.
• Oversee and conduct technical outreach to non-Executive agencies, local governments, and public authorities to discuss cyber security policies, programs, and infrastructure.
• Perform all technical program oversight duties as required.
• Monitor information security trends, tools, and techniques to maintain awareness and evaluate the applicability of the latest information security techniques and tools to agencies’ security programs.
• Liaise with cyber security industry experts to maintain knowledge of cyber trends and techniques.
• Assist in disaster response and recovery activities as required and assigned.
• Perform the full range of supervisory responsibilities.
• Support the other CIRT program areas as required.
• Travel may be required (approximately 30%), including during evening and weekends, depending on mission and assignment.
• Possession and maintenance of a valid Driver’s License issued by the NYS Department of Motor Vehicle is required, or otherwise demonstrate the capacity to meet the transportation needs of the job.
The minimum qualifications required for this vacancy.

Minimum Qualifications

Non-competitive: Bachelor’s degree with at least 15 credit hours in cyber security, information assurance or information technology and five years of information technology experience, including four years of information security or information assurance experience and three years at a supervisory level or one year at a *managerial level.*

Management experience is defined as direct leadership, management, and strategy execution for an identifiable organizational unit or program which includes direct management of program planning, development, resource allocation, monitoring, evaluation, research and analysis, and policy formation. This experience should also include administrative supervision of professional staff.

Note: Bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Desired SANS Global Information Assurance Certifications:

• Certified Incident Handler Certification, GCIH
• Certified Forensic Analyst, GCFA
• Certified Forensic Examiner, GCFE
• Cloud Forensics Responder, GCFR
• Enterprise Incident Responder, GEIR
• Network Forensic Analyst, GNFA
• Penetration Tester Certification, GPEN
• Reverse Engineering Malware, GREM
• Web Application Penetration Tester, GWAPT
Additional comments regarding the vacancy.

Additional Comments

NOTE: Support of operations during times of emergency and disaster from State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.

NOTE ON TELECOMMUTING: Employees are required to apply and obtain approval through management to telecommute according to the agency’s Telecommuting Program Guidelines.
Some positions may require additional credentials or a background check to verify your identity.
Salary: $115,000 - $141,000