NYSOC Tier 2 Analyst (Latham), Information Technology Specialist 4 (Information Security), SG-25, ref #8196L

Description

Duties Description

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 2 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence.

This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify, and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.

Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.

Duties Include, But Are Not Limited To

• Lead and support Tier 0 and Tier 1 analysts in the identification, triage, and escalation of security events.
• Monitor multiple sources (phone, email, automated systems, etc.) for new security events.
• Follow all established procedures, workflows, and tasks related to NYSOC activities.
• Work with Tier 0 and Tier 1 analysts and the SOC team to ensure identified incidents are documented and escalated efficiently.
• Ensure that tickets are properly created and tracked in the ticket management system, and in a timely manner.
• Ensure that trusted third party notifications are forwarded to the appropriate stakeholders.
• Provide input and feedback in the development and revision of standard operating procedures and workflows.
• Provide supporting analysis related to cyber security incidents and events.
• Provide input and feedback to the engineering and development team to appropriately tune the performance of multiple security tools such as endpoint detection and response (EDR), Security Orchestration, automation and response (SOAR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts.
• Participate in active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
• Perform the full range of supervisory responsibilities and additional duties as assigned.
  
  

Qualifications

Minimum Qualifications

Bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience, including two years of information security or information assurance experience**.

• Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of general
  
  

information technology experience.

• Experience solely in information security or information assurance may substitute for the general information technology experience.
  
  

Preferred Qualifications

The ideal candidate would possess one or more of the following preferred qualifications:

• Certifications in one or more of the following:
• Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
• Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
• Information Security and Management (e.g., CISSP, CISM, CCISO, CCSK)
• 2 years’ experience in one or more of the following:
• Working as a senior SOC analyst or team lead
• Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
• Using SIEM technologies to support in-depth investigations, specifically IBM QRadar
• 1 years’ experience in one or more of the following:
• Developing process and training documentation
• Participating in cyber incident response
• Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
• Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Excellent analytical process, hypothesis generation, and reporting skills.
  
  

Additional Comments

Background check and fingerprinting are required.

Additional details on work shift will be discussed at time of interview.

Benefits of Working for NYS

Generous benefits package, worth 65% of salary, including:

• Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to thirteen (13) days of paid vacation leave annually
• Up to five (5) days of paid personal leave annually
• Up to thirteen (13) days of paid sick leave annually for PEF
• Up to three (3) days of professional leave annually to participate in professional development
  
  

Health Care Benefits

• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost
  
  

Additional Benefits

• New York State Employees’ Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• Up to 50% telecommuting
• And many more.