Location: Northeastern Regional Information Center - 900 Watervliet-Shaker Road
Basic Function: The Information Security Technician is the primary contact for employees regarding possible security risks to their systems. Incumbent provides prescribed technical assistance to users via the telephone for problems that relate to information security and systems architecture of the Capital Region BOCES/Northeastern Regional Information Center (NERIC) Data & Network Operations Center. The work involves responsibility for documenting the reported issue and escalating the issue to the Information Security Analyst and assisting with the appropriate remediation measures within the information security and systems architecture, including end user networks and devices. The incumbent will assist in ensuring that information security access management; processes and industry standards are followed and maintained. Unlike the Information Security Analyst, employees in this classification are not tasked with assisting administration with internal investigations, though may provide detailed documentation to be used in such investigations. Work is performed under the general supervision of a BOCES Supervisor. Does related work as required.
Responsibilities:
1. Monitors results of daily internal system log analysis and alerts appropriate staff of any concerns.
2. Assists in the daily review of security appliances and system logs.
3. Monitors system vulnerability and escalates issues needing analysis, as required.
4. Assists with security scanning or testing.
5. Reviews forensic and audit reviews to assist with compliance established standards.
6. Assists with activities for providing back-up, recovery and business continuity.
7. Assists with the configuration and certification acceptance of data signatures.
8. Assists with system performance and data related tuning.
9. Receives notifications via telephone, e-mail, facsimile, mail, and in person regarding possible security systems issues.
10. Prepares reports as needed.
11. Working knowledge of networking and operating systems.
12. Working knowledge of current literature, sources of information and technological developments in the field of information security and systems architecture.
13. Working knowledge of security events incident management (SEIM) platforms.
14. Working knowledge of security login platforms.
15. Ability to understand systems requirements of a variety of applications.
16. Ability to prepare written and oral reports.
17. Ability to accurately convey both written and verbal directions.
18. Ability to form and maintain effective working relationships.
19. Ability to work well with customers and service agencies.
20. Physical condition commensurate with the demands of the position.
A. Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with a Bachelor’s degree in information security, information systems, computer science, information resources management, information technology or a closely related field; OR
B. Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with an Associate’s degree in information security, information systems, computer science, information resources management, information technology or a closely related field, and two (2) years of work experience in information technology which include, or are closely related to, two of the eight domains of information security1.
NOTES:
1. The following are the eight domains of information security: 1. Security and Risk Management; 2. Asset Security; 3. Security Engineering; 4. Communication and Network Security; 5. Identity and Access Management; 6. Security Assessment and Testing; 7. Security Operations; and, 8. Software Development Security.
2. Certifications in the domains of information security, such as SSCP, CCSP, CAP, CSSLP, CCFP, or HCISPP may be substituted for two (2) years of experience.
Vacancies are filled by certified list provided by Albany County Civil Service. Should no certified list be available, candidates appointed to this position will be serving in a provisional appointment in accordance with New York State Civil Service Law. The candidate must successfully complete a competitive examination and be eligible for appointment in accordance with Civil Service Law and the Civil Service Rules for Albany County to obtain a permanent appointment.