Security Analyst

Job Title: Security Analyst

Duration: 30 Months Contract

Location: , Albany NY (Telecommuting is allowed but must be applied for per ITS policy: Currently 50% Telecommuting per 2-week period is allowed (i.e. 2 days 1st week; 3 days 2nd week) The initial training period will be in the office for no less than two weeks.)

Position Type: Full Time – 40 Hours a week - M-F 9 AM - 5:30 PM EST

Interview Type: In-Person

Description: Under the direction of a Senior Information Security Analyst, ITS 4 [SG 25], or Information Security Officer, MITS 1, within Integrated Security Services Team the position will be a member of an ITS Security Services Team that provides security services to the NYS Department of Transportation. The candidate will provide in-depth information security consulting and services aligned with business needs of the client agency, DOT, to ensure confidentiality, integrity, and availability of information and systems. The candidate will have to work with ITS teams and upper-level agency management to resolve technically complex and politically sensitive issues under pressure.

Responsibilities:

• Implement information security and compliance programs for Information Technology (IT) systems and Operational Technology (OT) systems.
• Conduct written risk assessments for existing systems/solutions, new systems/solutions, and services in use or to be used by the business.
• Assist with management and resolution of security risks and/or threats to business information and operational systems.
• Serve as information security analyst and evaluate systems and contracts for alignment with Business and State information security policies and standards as well as other laws, regulations, and industry best practices, as applicable.
• Monitor and remain aware of information security industry trends, tools, and techniques.
• Perform additional duties as required.

Required Skills:

• 60 months experience evaluating information security and compliance for Information Technology systems and/or Operational Technology systems.
• 60 months experience conducting written risk and/or security assessments using industry standards such as NIST, CIS Critical Controls, ISO 27001, etc.
• 48 months experience triaging and determining mitigation plans (with and without Vendor) to resolve security risks and/or threats to business information systems and operational technology systems
• 48 months experience evaluating business systems (Commercial Off the Shelf and Custom Developed) for alignment with Information Technology and/or Operational Technology security policies, standards, laws, regulations, and industry best practices.
• 36 months experience in evaluating security controls for cloud environments
• 36 months experience working with cross functional teams to mitigate or remediate system and application vulnerabilities
• Bachelor’s Degree in one or more of the following: Information Security, Information Assurance, Cybersecurity, Computer Science, Information Science, Information System Management, Digital Forensics, Compliance and Risk Management
• One or more of the following certifications: GICSP, GSEC, CISSP, CCSP, CCSK, CompTIA Cloud , GCSA, CompTIA Network , CompTIA Security , CompTIA CySA , CompTIA CASP , CISSP, CRISC, ISSAP, ISSEP, CGRC, CSSLP, SSCP, or other applicable information and/or cybersecurity certifications

Job Types: Full-time, Contract

Pay: $50,000.00 - $60,000.00 per year

Schedule:

• 8 hour shift

Work Location: Hybrid remote in Albany, NY 12202

Salary : $50,000 - $60,000