NY HELP No Agency Homeland Security and Emergency Services, Division of Title Intelligence Analyst 1 (Information Systems) Occupational Category Other Professional Careers Salary Grade 25 Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF) Salary Range From $93530 to $117875 Annually Employment Type Full-Time Appointment Type Contingent Permanent Jurisdictional Class Non-competitive Class Travel Percentage 30% Workweek Mon-Fri Hours Per Week 37.5 Workday From 8 AM To 5 PM Flextime allowed? No Mandatory overtime? No Compressed workweek allowed? No Telecommuting allowed? Yes County New York Street Address 633 3rd Ave. City New York State NY Zip Code 10017 Duties Description The incumbent will report to the Cyber Incident Response Team (CIRT) in the Office of Counter Terrorism (OCT). Duties include but are not limited to:• Serve as a subject matter expert in cybersecurity incident response.• Provide cyber incident response support, including digital forensics and root cause analysis, for confirmed actionable incidents such as detected cyber-attacks, malware infections, or ransomware events.• Determine root cause(s) of a cyber incident and provide affected entities with actionable recommendations to contain, eradicate, and mitigate threats.• Respond to reported cyber incidents swiftly and ensure all incidents are documented accurately in the tracking system in a timely manner.• Escalate and brief leadership on cyber incidents, especially those that could have an impact to health, safety, and state operations.• Maintain clear and consistent communication with cyber partners across New York State throughout the incident response process.• Use incident data to identify specific vulnerabilities and provide recommendations to help strengthen the affected entities security posture and prevent future threats.• Continuously develop, review, and update digital forensics and incident response policies, procedures, and user guides to support program growth and improvement.• Manage the digital forensics and incident response lab functions, including managing tools, resources, and workflows to stay current and prepared.• Effectively communicate cybersecurity details and technical analysis to audiences within an organization to ensure appropriate actions are taken by decision-makers.• Communicate cyber threats and vulnerabilities clearly and concisely, both verbally and in writing, to state and local officials, ensuring they are informed and able to take appropriate action.• Maintain up-to-date technical knowledge of cybersecurity issues and emerging trends to stay ahead of potential risks and support proactive security development.• Assist in developing and distributing actionable strategic, technical, and tactical cyber information and intelligence to non-executive agencies, local governments, and public authorities through weekly, monthly, or ad hoc reports, briefings, and presentations.• Support cybersecurity meetings, presentations, seminars, etc., to foster information-sharing and raise awareness across relevant stakeholders.• Support training exercises targeted to non-executive agencies, local governments, and public authorities focusing on cybersecurity best practices.• Support other CIRT program areas as required.• Travel is required Minimum Qualifications Non-competitive: Bachelor’s degree with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience including two years of information security or information assurance experience*.*Experience solely in information security or information assurance may substitute forthe general information technology experience.Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate degree requires an additional two years of general information technology experience.Desired SANS Global Information Assurance Certifications:Certified Incident Handler Certification, GCIHCertified Forensic Analyst, GCFACertified Forensic Examiner, GCFECloud Forensics Responder, GCFREnterprise Incident Responder, GEIRNetwork Forensic Analyst, GNFAPenetration Tester Certification, GPENReverse Engineering Malware, GREMWeb Application Penetration Tester, GWAPT Additional Comments This position is eligible for location pay of $4,000.Possession and maintenance of a valid Driver’s License issued by the NYS Department of Motor Vehicle is required, or otherwise demonstrate the capacity to meet the transportation needs of the job.NOTE: Support of operations during times of emergency and disaster from State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.NOTE ON TELECOMMUTING: Employees are required to apply and obtain approval through management to telecommute according to the agency’s Telecommuting Program Guidelines. Some positions may require additional credentials or a background check to verify your identity. Name Human Resources/SB Telephone 518-486-5700 Fax 518-485-8432 Email Address HRresumes@dhses.ny.gov Address Street NYS Division of Homeland Security and Emergency Services, HRM 1220 Washington Ave., Bldg. 7A, 5th Floor City Albany State NY Zip Code 12226 Notes on Applying Please submit a resume and cover letter detailing how you meet the minimum qualifications. Indicate the Position Title & Vacancy ID 182998 in the subject line of your application email to HRresumes@dhses.ny.gov.