Technology Consulting - Cybersecurity - SIEM/SOAR Engineer - Senior Consultant

14651 Rochester, New York EY

Posted 5 days ago

Job Description

Location: Anywhere in Country
At EY, we're all in to shape your future with confidence.
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
**US - Cybersecurity SIEM - Senior Consultant**
Cyber threats, massive data storage, privacy requirements and business continuity require heavy information security measures. In the face of ever-evolving Cyber Security threats, EY's Cyber Security Event and Incident Management (SIEM) team builds tools and custom integrations in order to mitigate threats to Security Operations. As a member of our SecOps and Infrastructure Protection team, you'll use your technical and business skills to help us drive this mission and have an impact on cybersecurity at a global level.
**The opportunity**
As a Cybersecurity SIEM Engineer, you will lead the design and implementation of security incident and event management solutions for our clients. You'll play a key role in supporting our clients with their most complex information security needs, contributing toward their business resilience, and protecting critical infrastructure.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
**Your key responsibilities**
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. You'll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.  
As a Senior Consultant, you will serve on client engagement teams to assist in delivering the full range of services and work with EY Cybersecurity leadership to further develop our security event and incident management service offering.
**Skills and attributes for success**
· Possess a proven understanding of SIEM technologies, e.g. Splunk, Azure Sentinel, McAfee, QRadar, LogRhythm, SolarWinds, ArcSight, Fortinet, Elastic, SumoLogic, Rapid7
· Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.
· Monitoring and managing the health and performance of SIEM platform
· Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews
· Creating use cases and correlations alerts in the SIEM for continuous security monitoring
· Security Operations experience with operating systems, or cloud infrastructures and services (Azure/AWS)
· Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings
· Conveying complex technical security concepts to technical and non-technical audiences including executives.
**To qualify for the role, you must have**
· A bachelor's degree in a related field and approximately 3-5 years of related work experience; or a graduate degree and approximately 2 years of related work experience
· Hands-on experience with common security monitoring technologies including Security Incident Event Management systems (SIEM), Intrusion Detection Systems (IDS), Endpoint Detection & Responses (EDR), Anti-Virus log collection systems for purpose of comprehensive log analysis
· Experience supporting, troubleshooting, and administering a variety of networks, operating systems (OSs), and applications
· Experience with one or more of the following Cybersecurity tools: Splunk ES, Azure Sentinel, FireEye, Tanium, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Prisma Cloud, Humio, or ServiceNow SecOps
· Experience in process reengineering, workflow design, process improvement, or process mapping.
· Ability to travel as needed for client-site visits, team on-sites and strategic planning sessions; a driver's license valid in the U.S
**Ideally, you'll also have**
· Excellent analytical and problem-solving abilities
· Strong presentation and communication skills
· Knowledge of concepts and solutions of security services in the Zero-Trust model
· Knowledge of Azure Sentinel, Azure Log Analytics, Microsoft Flow, or Power BI
· Relevant security certifications (e.g., Splunk ES, CEH, CISSP)
**What we look for**
We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in Security incident and event management, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
**What we offer you**
At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.
+ We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $103,800 to $90,300. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 124,600 to 216,300. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
+ Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
+ Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
**Are you ready to shape your future with confidence? Apply today.**
EY accepts applications for this position on an on-going basis.
For those living in California, please click here for additional information.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
**EY | Building a better working world**
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. 
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at .

Cyber Identity - Data Protection and Encryption Manager

14651 Rochester, New York Deloitte

Posted 4 days ago

Job Description

Cyber Data Protection and Encryption Manager
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for the role ends on 8/31/2025
The Team
Our Cyber Strategy & Transformation offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments.
Work You'll Do
+ Serve as a subject matter expert and trusted advisor to our clients, assisting them to evaluate strategic and practical data protection and encryption requirements based on new and emerging data risks, advising on best practices for data encryption, decryption, and secure key management
+ Assist clients in designing, implementing and operating technology and process solutions to reduce data risks
+ Assist clients in developing and leading the implementation of encryption strategies to protect sensitive data across various environments, including cloud, on-premises, and hybrid infrastructures
+ Assist clients to manage the deployment and lifecycle of PKI systems, ensuring robust and scalable certificate management processes. Monitor and maintain the health of certificate infrastructures to prevent downtime and security breaches.
+ Assist clients with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions
+ Aid in the delivery of client engagements, ensuring success by:
  + Driving day-to-day execution, communicating updates to clients and firm leadership
  + Providing leadership and support to delivery teams to ensure completion and accuracy of high-quality work products
  + Tracking and reporting on project timelines to ensure on time and on budget delivery
+ Contribute to Deloitte's thought leadership in client organizations and external marketplace
+ Foster an environment of inclusion and well-being
+ Stay up to date on emerging encryption technologies (e.g., post-quantum cryptography, confidential computing, secure enclaves, envelope encryption) and industry trends around cyber risk, data protection and cryptography practices.
+ Proactively evaluate and recommend new tools and solutions to enhance data security
Qualifications
Required:
+ 7+ years of professional experience within data protection and information security, which may include Data Discovery, Data Classification and Rights Management, Data Access Governance, Data Loss Prevention, Cloud Access Security Broker, Encryption, Certificate Lifecycle Management, Cloud Security, SaaS Security
+ 4+ years of professional experience managing and implementing various encryption technologies (e.g., database encryption, file encryption, Public Key Infrastructure (PKI), certificate lifecycle management (CLM), Transport Layer Security (TLS)) and strong understanding of cloud encryption concepts such as client-side encryption, bring your own key (BYOK), server-side encryption.
+ 4+ years of professional experience developing data protection strategies, roadmaps and frameworks; experience may include designing, implementing and operating data protections services
+ 4+ years of total hands-on technical experience with one or more data protection technologies
+ Experience in vendor relationship management with market leading data protection and encryption vendors (e.g., Thales, AppViewX, Venafi, Fortanix, Digicert, Protegrity)
+ Experience defining data protection use cases, documenting business requirements and evaluating technology solutions
+ Experience with data risk program design, including alignment to cybersecurity and compliance programs.
+ Experience working with data protection and information security policies, standards and procedures
+ Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives
+ Experience with cloud collaboration tools and security/compliance, particularly Microsoft 365
+ Familiarity with change management, deployment and operational processes in large IT organizations
+ Professional certifications such as CISSP, CISM, or similar.
+ Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology or related field
+ Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve
+ Limited sponsorship may be available
Preferred:
+ Quantum readiness and AI protection experience a strong plus
+ Significant industry work experience preferred
+ Experience with public cloud (Azure, AWS, GCP) security and modern data platforms (e.g., Snowflake, Databricks, Starburst)
+ Experience or familiarity with emerging data protection technologies for user communications, e.g., Secure Access Service Edge, Data Security Posture Management, Data Security Platforms and Synthetic Data
+ Familiarity with networks, firewalls, IDS/IPS, and end point security
+ Familiarity with popular databases on both Windows and UNIX platforms, including Oracle and MS SQL
+ Familiarity with common identity, authentication, and directory services, such as Active Directory and LDAP
+ Familiarity with sophisticated multinational companies and distributed business models
Information for applicants with a need for accommodation: wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - 265,600
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Senior GRC Analyst, Information Security

14600 Rochester, New York Molina Healthcare

Posted 19 days ago

Job Description

***Candidate must be able to work in the PST time zone. ***

Job Summary

This position will execute the Information and Cybersecurity Risk Management programs, concentrating on internal and third-party risk assessments and audits. Assessment and compliance activities include validating controls in the IT department, managing risk findings, and verifying their remediation. Must have excellent written and verbal communication skills and a strong understanding of IT risks, cloud security, application systems security, and third-party security. Must be results-oriented with the ability to collaborate with multiple process owners and stakeholders simultaneously.

ESSENTIAL FUNCTIONS

Duties and Responsibilities

  • Lead, plan, and conduct periodic cyber and information security risk assessments and audits of third parties enterprise-wide.

  • Identify, assess, and document cybersecurity risks for Molina and its suppliers.

  • Partner with internal and external auditors to facilitate compliance audits and mitigate findings.

  • Manage documentation (e.g., requesting, reviewing, preparing) for regulatory and compliance audits & assessments.

  • Ensure compliance with applicable regulations (e.g., HIPAA, NYS DFS) and industry standards (e.g., NIST).

  • Develop and maintain security policies, plans, charters, standards, and procedures.

  • Promote security awareness through communication, training, and documentation.

  • Develop and maintain dashboards to manage and communicate risk to relevant stakeholders.

  • Develop and monitor metrics and prepare reports for senior management.

  • Monitor the inventory for vendors and suppliers.

  • Identify risks and recommend process improvements in the third-party risk management and supply chain program.

  • Build strong partnerships and collaborate with cross-functional teams.

  • Lead and execute third-party risk mitigation strategies and corrective action plans.

  • Monitor and manage third-party risks using GRC and security tools.

  • Stay current on developments in the industry and within the company.

Job Qualifications

Required Education

Bachelor's Degree in Information Systems/Security, Computer Science, Cybersecurity, or related field.

Required Experience

  • Minimum 5 years relevant experience in cybersecurity with a focus on governance, risk and compliance.

  • Professional certification(s) such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) required.

  • Adaptable to fast-changing environments and comfortable with ambiguity.

  • Excellent verbal, written, and interpersonal skills.

  • Big 4 or consulting experience.

  • Strong proficiency in regulations and industry frameworks (e.g., HIPAA, NIST, HITRUST)

  • Experience with GRC and security performance monitoring tools (e.g., Lockpath, ServiceNow, Prevalent, BitSight).

  • Ability to travel approximately 10%

To all current Molina employees: If you are interested in applying for this position, please apply through the intranet job listing.

Molina Healthcare offers a competitive benefits and compensation package. Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V.

Pay Range: $77,969 - $171,058 / ANNUAL

*Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.


Senior GRC Analyst, Information Security

14651 Rochester, New York Molina Healthcare

Posted 20 days ago

Job Description

***Candidate must be able to work in the PST time zone. ***
**Job Summary**
This position will execute the Information and Cybersecurity Risk Management programs, concentrating on internal and third-party risk assessments and audits. Assessment and compliance activities include validating controls in the IT department, managing risk findings, and verifying their remediation. Must have excellent written and verbal communication skills and a strong understanding of IT risks, cloud security, application systems security, and third-party security. Must be results-oriented with the ability to collaborate with multiple process owners and stakeholders simultaneously.
**ESSENTIAL FUNCTIONS**
**Duties and Responsibilities**
+ Lead, plan, and conduct periodic cyber and information security risk assessments and audits of third parties enterprise-wide.
+ Identify, assess, and document cybersecurity risks for Molina and its suppliers.
+ Partner with internal and external auditors to facilitate compliance audits and mitigate findings.
+ Manage documentation (e.g., requesting, reviewing, preparing) for regulatory and compliance audits & assessments.
+ Ensure compliance with applicable regulations (e.g., HIPAA, NYS DFS) and industry standards (e.g., NIST).
+ Develop and maintain security policies, plans, charters, standards, and procedures.
+ Promote security awareness through communication, training, and documentation.
+ Develop and maintain dashboards to manage and communicate risk to relevant stakeholders.
+ Develop and monitor metrics and prepare reports for senior management.
+ Monitor the inventory for vendors and suppliers.
+ Identify risks and recommend process improvements in the third-party risk management and supply chain program.
+ Build strong partnerships and collaborate with cross-functional teams.
+ Lead and execute third-party risk mitigation strategies and corrective action plans.
+ Monitor and manage third-party risks using GRC and security tools.
+ Stay current on developments in the industry and within the company.
**Job Qualifications**
**Required Education**
Bachelor's Degree in Information Systems/Security, Computer Science, Cybersecurity, or related field.
**Required Experience**
+ Minimum 5 years relevant experience in cybersecurity with a focus on governance, risk and compliance.
+ Professional certification(s) such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) required.
+ Adaptable to fast-changing environments and comfortable with ambiguity.
+ Excellent verbal, written, and interpersonal skills.
+ Big 4 or consulting experience.
+ Strong proficiency in regulations and industry frameworks (e.g., HIPAA, NIST, HITRUST)
+ Experience with GRC and security performance monitoring tools (e.g., Lockpath, ServiceNow, Prevalent, BitSight).
+ Ability to travel approximately 10%
To all current Molina employees: If you are interested in applying for this position, please apply through the intranet job listing.
Molina Healthcare offers a competitive benefits and compensation package. Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V.
Pay Range: $77,969 - $171,058 / ANNUAL
*Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.

Sr Network Security Engineer

14600 Rochester, New York University of Rochester

Posted 23 days ago

Job Description

As a community, the University of Rochester is defined by a deep commitment to Meliora - Ever Better. Embedded in that ideal are the values we share: equity, leadership, integrity, openness, respect, and accountability. Together, we will set the highest standards for how we treat each other to ensure our community is welcoming to all and is a place where all can thrive.

Job Location (Full Address):

300 Science Pkwy, Rochester, New York, United States of America, 14620

Opening:

Worker Subtype:

Regular

Time Type:

Full time

Scheduled Weekly Hours:

40

Department:

100086 University IT / IS

Work Shift:

UR - Day (United States of America)

Range:

UR URG 114

Compensation Range:

$86,482.00 - $129,723.00

The referenced pay range represents the minimum and maximum compensation for this job. Individual annual salaries/hourly rates will be set within the job's compensation range, and will be determined by considering factors including, but not limited to, market data, education, experience, qualifications, expertise of the individual, and internal equity considerations.

Responsibilities:

The Sr. Network Security Engineer ensures the security, stability, and integrity of all internal and external firewalls. This is achieved by planning, designing, developing, and managing firewall rules that comply with company security requirements and risk acceptance. In addition, the Network Security Engineer Lead participates in the design, installation, monitoring, maintenance, refresh, support, and optimization of all network firewall hardware and software.

JOB DUTIES AND RESPONSIBILITIES:

  • Manage firewalls that protect our complex and diverse network; includes design, installation, monitoring, administration, and maintenance.

  • Respond to the evolving threat landscape and our changing business needs by developing and maintaining efficient and secure firewall policies and configurations.

  • Complete requests for updates to firewall policies that often require critical thinking and careful analysis.

  • Troubleshoot user-reported issues, either updating firewalls to resolve, or directing people to an alternate solution.

  • Investigate and help resolve network events and issues discovered by other infoSecOps teams.

  • Adhere to processes and procedures for change management and trouble ticket resolution, and maintain documentation as changes are made.

  • Lead architecture designs for network security platforms, including remote access and site-to-site VPN, and network growth that requires additional firewalls.

  • Develop, maintain, and organize documentation for SME platforms and internal processes.

  • Teach, train, and guide other team members to improve their skills.

  • Model strong adaptability and the ability to readily expand knowledge and expertise as new opportunities arise.

  • Maintain awareness of developing trends and best practices in security, and continue to deepen established skills with ongoing personal development.

  • Maintain a netflow collection and analysis platform, and ensure that relevant data and events are forwarded to our SIEM.

  • Ensure that firewall and system logs for our platforms are forwarded to our SIEM.

  • Collaborate with Network and Systems teams to ensure that appropriate monitoring and alerting is done for our platforms and that events are resolved.

  • Attend interdepartmental and project meetings and serve as team representative.

  • Provide high-level support to others in general problem resolution.

  • Participate in team on call rotation as required.

  • Perform other duties as assigned

QUALIFICATIONS:

  • Bachelor's degree in related discipline such as Computer Science, Business, Mathematics, Statistics, Science or Engineering required.

  • Master's Degree preferred.

  • 4 - 5 years of related experience, preferably at least 2 years in a supervisory capacity required (or an equivalent combination of education and experience).

Required Technical Skills:

  • Knowledge of computer networking concepts and protocols, and network security methodologies; knowledge of cyber threats and vulnerabilities; knowledge of encryption.

  • Skill at managing systems in a disciplined IT environment.

  • Skill at troubleshooting issues and critical thinking.

  • Knowledge of and familiarity with physical and virtual network devices (hubs, switches, routers, firewalls, etc.)

  • Skill in understanding the configuration of diverse firewall features, including packet filtering, routing, NAT, threat protection / IDS, IPSec and SSL VPN, etc. Skill in general firewall administration, with emphasis on Palo Alto or Cisco firewalls preferred.

  • Skill in assessing, testing, and evaluating tools (current and proposed) to identify areas for improvement.

  • Skill in technical writing and presentation.

  • Skill in analyzing and reporting on team performance and ways to improve.

Required Business Skills:

  • Ability to succeed at customer satisfaction and appropriate follow-through in all interactions coupled with a sense of urgency when needed, while working under pressure and handling multiple, competing priorities.

  • Ability to understand and model organizational mission, vision and values.

  • Ability to re-prioritize projects for self and others as unplanned events occur to ensure immediate urgent tasks are completed and larger important goals are still ultimately met.

  • Ability to communicate complex information, concepts, or ideas clearly in a confident and well-organized manner through verbal, written, and / or visual means.

  • Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment.

The University of Rochester is committed to fostering, cultivating, and preserving an inclusive and welcoming culture to advance the University's Mission to Learn, Discover, Heal, Create - and Make the World Ever Better. In support of our values and those of our society, the University is committed to not discriminating on the basis of age, color, disability, ethnicity, gender identity or expression, genetic information, marital status, military/veteran status, national origin, race, religion, creed, sex, sexual orientation, citizenship status, or any other characteristic protected by federal, state, or local law (Protected Characteristics). This commitment extends to non-discrimination in the administration of our policies, admissions, employment, access, and recruitment of candidates, for all persons consistent with our values and based on applicable law.

Notice: If you are a Current Employee, please log into myURHR to search for and apply to jobs using the Jobs Hub. Your application, if submitted using this portal, cannot be moved forward.

Learn. Discover. Heal. Create.

Located in western New York, Rochester is our namesake and our home. One of the world's leading research universities, Rochester has a long tradition of breaking boundaries-always pushing and questioning, learning and unlearning. We transform ideas into enterprises that create value and make the world ever better.

If you're looking for a career in higher education or health care, the University of Rochester may offer the perfect opportunity for your background and goals.

At the University of Rochester, we are committed to fostering, cultivating, and preserving an inclusive and welcoming culture and are united by a strong commitment to be ever better-Meliora. It is an ideal that informs our shared mission to ensure all members of our community feel safe, respected, included, and valued.


Sr Network Security Engineer

14651 Rochester, New York University of Rochester

Posted 4 days ago

Job Description

As a community, the University of Rochester is defined by a deep commitment to Meliora - Ever Better. Embedded in that ideal are the values we share: equity, leadership, integrity, openness, respect, and accountability. Together, we will set the highest standards for how we treat each other to ensure our community is welcoming to all and is a place where all can thrive.
**Job Location (Full Address):**
300 Science Pkwy, Rochester, New York, United States of America, 14620
**Opening:**
Worker Subtype: Regular
Time Type: Full time
Scheduled Weekly Hours: 40
Department: 100086 University IT / IS
Work Shift: UR - Day (United States of America)
Range: UR URG 114
Compensation Range: $86,482.00 - $129,723.00
_The referenced pay range represents the minimum and maximum compensation for this job. Individual annual salaries/hourly rates will be set within the job's compensation range, and will be determined by considering factors including, but not limited to, market data, education, experience, qualifications, expertise of the individual, and internal equity considerations._
**Responsibilities:**
The Sr. Network Security Engineer ensures the security, stability, and integrity of all internal and external firewalls. This is achieved by planning, designing, developing, and managing firewall rules that comply with company security requirements and risk acceptance. In addition, the Network Security Engineer Lead participates in the design, installation, monitoring, maintenance, refresh, support, and optimization of all network firewall hardware and software.
JOB DUTIES AND RESPONSIBILITIES:
- Manage firewalls that protect our complex and diverse network; includes design, installation, monitoring, administration, and maintenance.
- Respond to the evolving threat landscape and our changing business needs by developing and maintaining efficient and secure firewall policies and configurations.
- Complete requests for updates to firewall policies that often require critical thinking and careful analysis.
- Troubleshoot user-reported issues, either updating firewalls to resolve, or directing people to an alternate solution.
- Investigate and help resolve network events and issues discovered by other infoSecOps teams.
- Adhere to processes and procedures for change management and trouble ticket resolution, and maintain documentation as changes are made.
- Lead architecture designs for network security platforms, including remote access and site-to-site VPN, and network growth that requires additional firewalls.
- Develop, maintain, and organize documentation for SME platforms and internal processes.
- Teach, train, and guide other team members to improve their skills.
- Model strong adaptability and the ability to readily expand knowledge and expertise as new opportunities arise.
- Maintain awareness of developing trends and best practices in security, and continue to deepen established skills with ongoing personal development.
- Maintain a netflow collection and analysis platform, and ensure that relevant data and events are forwarded to our SIEM.
- Ensure that firewall and system logs for our platforms are forwarded to our SIEM.
- Collaborate with Network and Systems teams to ensure that appropriate monitoring and alerting is done for our platforms and that events are resolved.
- Attend interdepartmental and project meetings and serve as team representative.
- Provide high-level support to others in general problem resolution.
- Participate in team on-call rotation as required.
- Perform other duties as assigned.
QUALIFICATIONS:
- Bachelor's degree in related discipline such as Computer Science, Business, Mathematics, Statistics, Science or Engineering required.
- Master's Degree preferred.
- 4 - 5 years of related experience, preferably at least 2 years in a supervisory capacity required (or an equivalent combination of education and experience).
Required Technical Skills:
- Knowledge of computer networking concepts and protocols, and network security methodologies; knowledge of cyber threats and vulnerabilities; knowledge of encryption.
- Skill at managing systems in a disciplined IT environment.
- Skill at troubleshooting issues and critical thinking.
- Knowledge of and familiarity with physical and virtual network devices (hubs, switches, routers, firewalls, etc.)
- Skill in understanding the configuration of diverse firewall features, including packet filtering, routing, NAT, threat protection / IDS, IPSec and SSL VPN, etc. Skill in general firewall administration, with emphasis on Palo Alto or Cisco firewalls preferred.
- Skill in assessing, testing, and evaluating tools (current and proposed) to identify areas for improvement.
- Skill in technical writing and presentation.
- Skill in analyzing and reporting on team performance and ways to improve.
Required Business Skills:
- Ability to succeed at customer satisfaction and appropriate follow-through in all interactions coupled with a sense of urgency when needed, while working under pressure and handling multiple, competing priorities.
- Ability to understand and model organizational mission, vision and values.
- Ability to re-prioritize projects for self and others as unplanned events occur to ensure immediate urgent tasks are completed and larger important goals are still ultimately met.
- Ability to communicate complex information, concepts, or ideas clearly in a confident and well-organized manner through verbal, written, and / or visual means.
- Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment.

Information Technology Specialist 4 (Information Security), ref #Roch25

14600 Rochester, New York New York State Civil Service

Posted today

Job Description

NY HELP No

Agency Information Technology Services, Office of

Title Information Technology Specialist 4 (Information Security), ref #Roch25

Occupational Category I.T. Engineering, Sciences

Salary Grade 25

Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF)

Salary Range From $96336 to $21413 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Other (see below)

"Other" Explanation Multiple shifts being filled for 24x7x365 operations. Additional details on work shift will be discussed at time of interview.

Hours Per Week 37.5

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Monroe

Street Address 1 East Avenue

With the possibility of New York City or other locations statewide

City Rochester

State NY

Zip Code 14604

Duties Description

ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time. This position will be located in Rochester, NY. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Additional information on shift will be discussed at time of interview.

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 2 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence. This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.

Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.

Duties include, but are not limited to:
- Lead and support Tier 0 and Tier 1 analysts in the identification, triage, and escalation of security events.
- Monitor multiple sources (phone, email, automated systems, etc.) for new security events.
- Follow all established procedures, workflows, and tasks related to NYSOC activities.
- Work with Tier 0 and Tier 1 analysts and the SOC team to ensure identified incidents are documented and escalated efficiently.
- Ensure that tickets are properly created and tracked in the ticket management system, and in a timely manner.
- Ensure that trusted third-party notifications are forwarded to the appropriate stakeholders.
- Provide input and feedback in the development and revision of standard operating procedures and workflows.
- Provide supporting analysis related to cyber security incidents and events.
- Provide input and feedback to the engineering and development team to appropriately tune the performance of multiple security tools such as endpoint detection and response (EDR), security orchestration, automation and response (SOAR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts.
- Participate in active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.
- Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
- Perform the full range of supervisory responsibilities and additional duties as assigned.

Minimum Qualifications

Information Technology Specialist 4 (Information Security)

Non-competitive: seven years of information technology, cybersecurity, or information assurance experience**, including one year at the supervisory level.

**Substitutions: A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master’s degree or higher in computer science or related field substitutes for one year of required experience.

Preferred Qualifications: The ideal candidate would possess one or more of the following preferred qualifications:
- Certifications in one or more of the following:
  - Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
  - Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
  - Information Security and Management (e.g., CISSP, CISM, CCISO, CCSK)
- 2+ years’ experience in one or more of the following:
  - Working as a senior SOC analyst or team lead
  - Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
  - Using SIEM technologies to support in-depth investigations, specifically IBM QRadar
- 1+ years’ experience in one or more of the following:
  - Developing process and training documentation
  - Participating in cyber incident response
- Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
- Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
- Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
- Excellent analytical process, hypothesis generation, and reporting skills.

Additional Comments

This posting may be used to fill multiple positions.

ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Some positions may require fingerprinting. Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.

Positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional 1,650 adjustment location pay.

Benefits of Working for NYS

Generous benefits package, worth 65% of salary, including:

Holiday & Paid Time Off
- Thirteen (13) paid holidays annually
- Up to Thirteen (13) days of paid vacation leave annually
- Up to Five (5) days of paid personal leave annually
- Up to Thirteen (13) days of paid sick leave annually for PEF.
- Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
- Eligible employees and dependents can pick from a variety of affordable health insurance programs
- Family dental and vision benefits at no additional cost

Additional Benefits
- New York State Employees’ Retirement System (ERS) Membership
- NYS Deferred Compensation
- Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
- Public Service Loan Forgiveness (PSLF)
- And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.

Some positions may require additional credentials or a background check to verify your identity.

Name ITS Human Resources

Telephone

Fax

Email Address

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

Notes on Applying To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.

Information Technology Specialist 3 (Information Security), ref #Roch23

14600 Rochester, New York New York State Civil Service

Posted today

Job Description

NY HELP No

Agency Information Technology Services, Office of

Title Information Technology Specialist 3 (Information Security), ref #Roch23

Occupational Category I.T. Engineering, Sciences

Salary Grade 23

Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF)

Salary Range From $86681 to $09650 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Other (see below)

"Other" Explanation Multiple shifts being filled for 24x7x365 operations. Additional details on work shift will be discussed at time of interview.

Hours Per Week 37.50

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Monroe

Street Address 1 East Avenue

With the possibility of New York City or other locations statewide

City Rochester

State NY

Zip Code 14604

Duties Description

ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time. This position will be located in Rochester, NY. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Additional information on shift will be discussed at time of interview.

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 1 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence. This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.

Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.

Duties include, but are not limited to:
- Support Tier 0 analysts in the identification, triage, and escalation of security events.
- Monitor multiple sources (phone, email, automated systems, etc.) for new security events.
- Follow all established procedures, workflows, and tasks related to NYSOC activities.
- Work with Tier 0 analysts and the SOC team to ensure identified incidents are documented and escalated efficiently.
- Ensure that tickets are properly created and tracked in the ticket management system, and in a timely manner.
- Ensure that trusted third-party notifications are forwarded to the appropriate stakeholders.
- Provide input and feedback in the development and revision of standard operating procedures and workflows.
- Provide supporting analysis related to cyber security incidents and events.
- Provide input and feedback to the engineering and development team to appropriately tune the performance of multiple security tools such as endpoint detection and response (EDR), security orchestration, automation and response (SOAR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts.
- Participate in active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.
- Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
- Perform additional duties as assigned.

Minimum Qualifications

Information Technology Specialist 3 (Information Security)

Non-competitive: five years of information technology, cybersecurity, or information assurance experience**.

**Substitutions: A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor’s substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor’s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master’s degree or higher in computer science or related field substitutes for one year of required experience.

Preferred Qualifications: The ideal candidate would possess one or more of the following preferred qualifications:
- Certifications in one or more of the following:
  - Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
  - Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
  - Information Security Management (e.g., CISSP, CISM, CCISO)
- 1+ years’ experience in one or more of the following:
  - Working as a SOC analyst
  - Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
  - Using SIEM technologies to support in-depth investigations
  - Participating in cyber incident response
- Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
- Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
- Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
- Demonstrated critical thinking, problem solving and analytical skills

Additional Comments

This posting may be used to fill multiple positions.

ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Some positions may require fingerprinting. Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.

Positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional 1,650 adjustment location pay.

Benefits of Working for NYS

Generous benefits package, worth 65% of salary, including:

Holiday & Paid Time Off
- Thirteen (13) paid holidays annually
- Up to Thirteen (13) days of paid vacation leave annually
- Up to Five (5) days of paid personal leave annually
- Up to Thirteen (13) days of paid sick leave annually for PEF.
- Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
- Eligible employees and dependents can pick from a variety of affordable health insurance programs
- Family dental and vision benefits at no additional cost

Additional Benefits
- New York State Employees’ Retirement System (ERS) Membership
- NYS Deferred Compensation
- Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
- Public Service Loan Forgiveness (PSLF)
- And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.

Some positions may require additional credentials or a background check to verify your identity.

Name ITS Human Resources

Telephone

Fax

Email Address

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

Notes on Applying To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.

Information Technology Specialist 2 (Information Security), ref #Roch18

14600 Rochester, New York New York State Civil Service

Posted today

Job Description

NY HELP No

Agency Information Technology Services, Office of

Title Information Technology Specialist 2 (Information Security), ref #Roch18

Occupational Category I.T. Engineering, Sciences

Salary Grade 18

Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF)

Salary Range From $66951 to $5138 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Non-competitive Class

Travel Percentage 0%

Workweek Other (see below)

"Other" Explanation Multiple shifts being filled for 24x7x365 operations. Additional details on work shift will be discussed at time of interview.

Hours Per Week 37.50

Workday

From 8 AM

To 5 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? Yes

Telecommuting allowed? Yes

County Monroe

Street Address 1 East Avenue

With the possibility of New York City or other locations statewide

City Rochester

State NY

Zip Code 14604

Duties Description

ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time. This position will be located in Rochester, NY. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Additional information on shift will be discussed at time of interview.

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 0 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence. This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.

Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.

Duties include, but are not limited to:
- Participate in the identification, triage, and escalation of security events.
- Respond to customer phone calls and emails in a professional manner.
- Analyze emails for malicious content and respond to customers with appropriate actions.
- Follow all established procedures, workflows, and tasks related to NYSOC activities.
- Ensure identified incidents are escalated efficiently.
- Create and track tickets properly in the ticket management system in a timely manner.
- Respond to NYSOC subscriber’s alerts in a timely manner.
- Assist with incident response activities including log and packet analysis.
- Work with teams inside and outside of the NYSOC to resolve incidents.
- Provide input and feedback in the development and revision of standard operating procedures and workflows.
- Provide supporting analysis related to cyber security incidents and events.
- Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
- Perform additional duties as assigned.

Minimum Qualifications

Information Technology Specialist 2 (Information Security)

Non-competitive: two years* of information technology, cybersecurity, or information assurance experience.

*Substitutions: A bachelor's or higher-level degree including or supplemented by 15 semester credit hours in computer science substitutes for both years of required experience; or a bachelor's or higher-level degree in any field substitutes for one year of required experience; 60 semester credit hours including or supplemented by 15 semester credit hours in computer science substitutes for one year of required experience.

Preferred Qualifications: The ideal candidate would possess one or more of the following preferred qualifications:
- Certifications in one or more of the following:
  - Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
  - Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
  - Information Security Management (e.g., CISSP, CISM, CCISO)
- 1+ years’ experience in one or more of the following:
  - Working as a SOC analyst
  - Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
  - Using SIEM technologies to support in-depth investigations
  - Participating in cyber incident response
- Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
- Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
- Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
- Demonstrated critical thinking, problem solving and analytical skills.

Additional Comments This posting may be used to fill multiple positions.

ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Some positions may require fingerprinting.

Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.

Positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.

Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Thirteen (13) days of paid sick leave annually for PEF.
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees' Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
Some positions may require additional credentials or a background check to verify your identity.

Name ITS Human Resources

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

Notes on Applying To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.

Information Technology Specialist 3 (Information Security), ref #Roch23

14600 Rochester, New York StateJobsNY

Posted today

Job Description

Duties Description ITS provides operational support to state agencies on a 24x7x365 basis; some positions may be required to provide this critical service at any time.

This position will be located in Rochester, NY. The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities that may impact sensitive information, critical systems, NYS agencies, or ITS. Additional information on shift will be discussed at time of interview.

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office, the incumbent will be a Tier 1 Analyst working in the New York Security Operations Center (NYSOC) participating in the intake and triage of a wide variety of security events for NYSOC subscribers. The incumbent will leverage a variety of threat intelligence sources and indicators of compromise (IOCs) to perform SOC services across a large and diverse multi-entity environment. The incumbent will participate in the ingestion and response to all forms of threat intelligence and vulnerability announcements received from many third parties such as vendors, DHS CISA, MS-ISAC, NYSP, and other sources of open-source intelligence.
This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify, and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction.
Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed.
Duties include, but are not limited to:
• Support Tier 0 analysts in the identification, triage, and escalation of security events.
• Monitor multiple sources (phone, email, automated systems, etc.) for new security events.
• Follow all established procedures, workflows, and tasks related to NYSOC activities.
• Work with Tier 0 analysts and the SOC team to ensure identified incidents are documented and escalated efficiently.
• Ensure that tickets are properly created and tracked in the ticket management system, and in a timely manner.
• Ensure that trusted third party notifications are forwarded to the appropriate stakeholders.
• Provide input and feedback in the development and revision of standard operating procedures and workflows.
• Provide supporting analysis related to cyber security incidents and events.
• Provide input and feedback to the engineering and development team to appropriately tune the performance of multiple security tools such as endpoint detection and response (EDR), security orchestration, automation and response (SOAR), sandbox tools, antivirus/antimalware, and security incident and event management (SIEM) to increase the quality of generated alerts.
• Participate in active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.
• Maintain an adequate level of current knowledge and proficiency in information security through annual Continuing Professional Education (CPE) credits directly related to information security.
• Perform additional duties as assigned.

Minimum Qualifications Information Technology Specialist 3 (Information Security)

Non-competitive: five years of information technology, cybersecurity, or information assurance experience**.
**Substitutions:

A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor's substitutes for two years of required experience.

An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor's degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.

A master's degree or higher in computer science or related field substitutes for one year of required experience.

Preferred Qualifications:
The ideal candidate would possess one or more of the following preferred qualifications:
• Certifications in one or more of the following:
• Cyber Defense (e.g., GCIA, GCIH, GCED, GSOM, GSOC, GMON, GCDA)
• Cyber Threat Intelligence (e.g., GCTI, CTIA, CCIP, GOSI)
• Information Security Management (e.g., CISSP, CISM, CCISO)
• 1+ years' experience in one or more of the following:
• Working as a SOC analyst
• Conducting log analysis (e.g., firewall logs, DNS logs, proxy logs, IDS/IPS logs)
• Using SIEM technologies to support in-depth investigations
• Participating in cyber incident response
• Strong understanding of enterprise IT environments, including but not limited to system administration, network architecture, operating systems, endpoint detection and response tools, and network-based security solutions (e.g., IDS/IPS, firewalls).
• Strong understanding of the foundations of Information Security, such as the CIA triad, information classification, identity and access management, risk management, vulnerability management, secure architecture and engineering, network security, software development security, etc.
• Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding.
• Demonstrated critical thinking, problem solving and analytical skills.

Additional Comments This posting may be used to fill multiple positions.

ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.

Some positions may require fingerprinting.

Some positions may require up to 25% travel and/or lifting up to 50 lbs. Some positions are pending Civil Service approval. Details of position(s) will be described further if you are selected for an interview.

Positions located in New York City will receive an additional $3,400 downstate adjustment location pay with regular annual salary. Positions located in the Mid-Hudson will receive an additional $1,650 adjustment location pay.

Benefits of Working for NYS Generous benefits package, worth 65% of salary, including:
Holiday & Paid Time Off
• Thirteen (13) paid holidays annually
• Up to Thirteen (13) days of paid vacation leave annually
• Up to Five (5) days of paid personal leave annually
• Up to Thirteen (13) days of paid sick leave annually for PEF.
• Up to three (3) days of professional leave annually to participate in professional development

Health Care Benefits
• Eligible employees and dependents can pick from a variety of affordable health insurance programs
• Family dental and vision benefits at no additional cost

Additional Benefits
• New York State Employees' Retirement System (ERS) Membership
• NYS Deferred Compensation
• Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
• Public Service Loan Forgiveness (PSLF)
• And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.
Some positions may require additional credentials or a background check to verify your identity.

Name ITS Human Resources

Address

Street Empire State Plaza

Swan Street Building, Core 4, Floor 1

City Albany

State NY

Zip Code 12220

Notes on Applying To apply for this position, please submit a cover letter and resume clearly indicating how you qualify. Ensure that you include the vacancy ID in the subject of your email for prompt routing. Your Social Security number may be required to confirm eligibility.
