Manager Information Technology Services 2 Information Security - 9865

Manager Information Technology Services 2 Information Security - 9865

Under the direction of senior leadership within the Office of Information Technology Services Chief Information Security Office Cyber Command Center, the incumbent will function as Security Operations Center (SOC) Use Case and Content Manager and lead the team responsible for the creation of procedures, the implementation of processes, and the development and maintenance of Use Cases and Content for managing and maintaining NYSOC systems. The candidate will work closely with management, cybersecurity analysts, and the threat intelligence team to create SIEM rules and analytic tool automations to improve event monitoring and response. The incumbent will lead the team in the development of use cases, rules, log source, application maintenance and updates. The candidate will collaborate with internal and external teams on SIEM functional requirements: logging, event collection, normalization, correlation, storage, system access, reporting, and customization. This position requires the incumbent to possess a solid understanding of the current cyber threat landscape, the tactics, techniques, tools, and procedures commonly leveraged, and the steps necessary to swiftly identify and contain a potential cyber threat. Additionally, this position requires an incumbent to act with a great deal of independence in alignment with agency and upper-level management strategic direction. Due to the nature of the work performed by the SOC, this position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities as needed. This position is available and can be filled in any of the following NYSOC locations: Latham, Rochester, or New York City. Additional information on work schedule will be discussed at time of interview. Specific duties include, but are not limited to:

- Lead the Use Case team and be responsible for the strategic development and refinement of security use cases, aligning detection and response capabilities with organizational risks and the evolving threat landscape.

- Provide mentorship and guidance to use case developers in the design, development, and implementation of security use cases, elevating the team's overall expertise and effectiveness in threat detection.

- Coordinate change management processes for testing and validating systems to production.

- Provide guidance and input on active projects to help identify and resolve issues/problems to ensure successful outcomes are achieved.

- Supervise subordinate staff in the proper performance of their duties and perform the full range of administrative supervisory responsibilities.

- Work with internal and client ticketing and knowledge base systems for Incident and Problem tracking as well as procedures.

- Monitor the SIEM and Incident Management systems performance.

- Develop use cases, rules, log source, application maintenance and updates.

- Configure custom log sources for SOC applications, and management.

- Collaborate with internal and external teams on SIEM functional requirements: logging, event collection, normalization, correlation, storage, system access, reporting, and customization.

- Review log sources, alerts, and integrations for auditing.

- Conduct research, analysis, and correlation across a wide variety of SOC processes, procedures, and use cases.

- Review cases escalated by SOC analysts to investigate, respond and remediate.

- Plan and recommend modifications or adjustments based on testing results or system environment.

- Identify new use cases and playbooks that need to be developed based on incident reviews.

- Document and escalate incidents using information gathered from a variety of sources.

- Create technical reports and executive summaries related to cyber security incidents and events.

Minimum Qualifications Non-competitive: Eight years of information technology, cybersecurity, or information assurance experience, including two years at the supervisory level.

Substitutions: A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor's substitutes for two years of required experience. An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bachelor's degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience. A master's degree or higher in computer science or related field substitutes for one year of required experience.

Benefits of Working for NYS Generous benefits package, worth 65% of salary, including: Holiday & Paid Time Off- Thirteen (13) paid holidays annually- Up to Thirteen (13) days of paid vacation leave annually- Up to Five (5) days of paid personal leave annually- Up to Thirteen (13) days of paid sick leave annually for PEF.- Up to three (3) days of professional leave annually to participate in professional development Health Care Benefits- Eligible employees and dependents can pick from a variety of affordable health insurance programs- Family dental and vision benefits at no additional cost Additional Benefits- New York State Employees' Retirement System (ERS) Membership- NYS Deferred Compensation- Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds- Public Service Loan Forgiveness (PSLF)- And many more.

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.