Minimum Qualifications
Non-competitive minimum qualifications:
Bachelor's degree and four years of information system intelligence analysis; OR associate's degree and six years of relevant experience; OR eight years of relevant experience in intelligence analysis for a governmental entity.
Duties Description
The incumbent will report to the Office of Counter Terrorism's (OCT) Cyber Incident Response Team (CIRT). Duties include but are not limited to:
- Serve as a subject matter expert in cyber security incident response.
- Serve as a subject matter expert for all DHSES CIRT programs and initiatives focused on Vulnerability and Penetration Testing.
- Generate actionable reports based on vulnerability scans and penetration tests and provide customer-based follow-up.
- Help develop Penetration Testing plans, processes, and procedures.
- Conduct cyber security assessments for various state and local agencies, including network scans and cyber threat and vulnerability analysis, and make recommendations for mitigating cyber risks based on findings.
- Manage and participate in all phases of design, configuration, and construction, including acquisition of hardware and software for the CIRT LAB and mobile equipment kits.
- Monitor the cyber incident phone line and respond to reported incidents swiftly.
- Provide Cyber Incident Response (IR) support when analysis confirms an actionable incident, such as a detected cyber-attack, malware, or ransomware.
- Determine root causes of a cyber incident and work with affected agencies to implement efficient remediation plans.
- Detect host and network-based intrusions via intrusion detection technologies.
- Use incident data to identify specific vulnerabilities and make recommendations for improvements.
- Effectively communicate cyber security details and technical analysis to audiences within an organization.
- Maintain up-to-date technical knowledge of cyber security issues and emerging trends.
- Communicate effectively, orally and in writing, with state and local officials regarding cyber threats and vulnerabilities.
- Help develop and disseminate actionable strategic, technical, and tactical cyber information and intelligence to non-Executive agencies, local governments, and public authorities through weekly, monthly, or ad hoc reports, briefings, and presentations.
- Support cyber security meetings, presentations, seminars, etc., to foster information-sharing and enhance awareness.
- Support training exercises targeted to non-Executive agencies, local governments, and public authorities on cyber security best practices.
Additional Comments
This position is eligible for location pay of $3,400.
Possession and maintenance of a valid Driver's License issued by the NYS Department of Motor Vehicles is required.
NOTE: Support of operations during times of emergency and disaster from the State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.
NOTE ON TELECOMMUTING: Employees are required to apply and obtain approval through management to telecommute according to the agency’s Telecommuting Program Guidelines.