Information Security Analyst

Posted: 08/16/17 | SHARE:

Description:

The work involves responsibility for assessing, testing, reporting and recommending appropriate remediation measures within the information security and systems architecture of the Northeastern Regional Information Center (NERIC) Data & Network Operations Center including end user networks and devices. The incumbent will ensure information security access management, processes and industry standards are followed and maintained. The incumbent may assist BOCES Network Services personnel with identifying and troubleshooting issues relating to information security. Work is performed under the general supervision of a BOCES Supervisor. Does related work as required.

 Reviews daily security appliances and system logs;

 Monitors system vulnerability, analyzes findings and identifies areas requiring remediation;

 Assists with activities for providing back-up, recovery and business continuity;

 Updates configuration and certification acceptance of data signatures;  Advises and assists with system performance and data related tuning;

 Supports forensic and audit reviews to ensure compliance with established standards;

 Prepares reports as needed;

 Communicates results of daily internal system log analysis and review to appropriate staff.

 Good knowledge of networking and operating systems;

 Good knowledge of current literature, sources of information and technological developments in the field of information security and systems architecture;

 Working knowledge of security events incident management (SEIM) platforms;

 Working knowledge of security login platforms;

 Ability to analyze systems requirements of a variety of applications;

 Ability to prepare written and oral reports;

 Ability to accurately convey both written and verbal directions;

 Ability to form and maintain effective working relationships;

 Ability to work well with customers and service agencies;

 Physical condition commensurate with the demands of the position.

Qualifications:

-Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with a Bachelor’s degree in information security, information systems, computer science, information resources management, information technology or a closely related field, and four (4) years of work experience in information technology, two (2) years of which included, or was closely related to, two of the eight domains of information security1; OR,

-Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with an Associate’s degree in information security, information systems, computer science, information resources management, information technology or a closely related field, and six (6) years of work experience in information technology, two (2) years of which included, or was closely related to, two of the eight domains of information security1.

NOTES:

-The following are the eight domains of information security: 1. Security and Risk Management; 2. Asset Security; 3. Security Engineering; 4. Communication and Network Security; 5. Identity and Access Management; 6. Security Assessment and Testing; 7. Security Operations; and, 8. Software Development Security.

-Certifications in the domains of information security, such as CISSP, SSCP, CCSP, CAP, CSSLP, CCFP, or HCISPP, may be substituted for up to two (2) years of experience.

Vacancies are filled by certified list provided by Albany County Civil Service. Should no certified list be available, candidates appointed to this position will be serving in a provisional appointment in accordance with New York State Civil Service Law. The candidate must successfully complete a competitive examination and be eligible for appointment in accordance with Civil Service Law and the Civil Service Rules for Albany County to obtain a permanent appointment.

Application Deadline: August 18, 2017

Apply to: CRBRecruitment@neric.org which should include your letter of interest and resume.

Return to job listings