Location: Northeastern Regional Information Center - 900 Watervliet-Shaker Road
The work involves responsibility for assessing, testing, reporting and recommending appropriate remediation measures within the information security and systems architecture of the Capital Region BOCES/ Northeastern Regional Information Center (NERIC) Data & Network Operations Center including end user networks and devices. This class differs from that of an Information Security Analyst by virtue of the fact that a Senior Information Security Analyst position may exercise leading the work of others. The incumbent will ensure information security access management, processes and industry standards are followed and maintained. The incumbent may assist BOCES Network Services personnel with identifying and troubleshooting issues relating to information security. Employees in this classification are tasked with assisting administration with internal investigations. Work is performed under the general supervision of a BOCES Supervisor. Does related work as required.
1. Leads the information and security work of the Data & Network Operations Center of the Regional Information Center.
2. Monitors system vulnerability, analyzes findings and performs and/or recommends necessary remediation.
3. Participates in network placement and design review.
4. Assists with activities for providing back-up, recovery and business continuity.
5. Diagnoses and resolves Information Security system, hardware and software problems.
6. Reviews daily security appliances and system logs.
7. Supports forensic and audit reviews to ensure compliance with established standards.
8. Communicates results of daily internal system log analysis and review to appropriate staff.
9. Performs patching of security platforms.
10. Certifies acceptance of data signatures.
11. Advises and assists with system performance and data related tuning.
12. Supports internal investigations by monitoring, retrieving data and reports relating to employees charged with misconduct.
13. Good knowledge of a data & network operations center, infrastructure, systems management, structures and techniques.
14. Good knowledge of electronic data processing systems, principles, practices and procedures of systems and applications programming.
15. Good knowledge of security events incident management (SEIM) platforms.
16. Good knowledge of security login platforms.
17. Working knowledge of electronic data transmission storage and access control.
18. Working knowledge of common information management frameworks.
19. Familiarity with current literature, sources of information and technological developments in the field of information security and systems architecture.
20. Ability to analyze systems requirements of a variety of applications and to design appropriate infrastructures.
21. Ability to track and maintain the inventory of infrastructure, replacement lifecycle and relative budget and planning.
22. Ability to prepare reports and diagrams relative to systems architecture.
23. Ability to direct and review the work of others.
24. Ability to prepare written and oral reports.
25. Ability to accurately convey both written and verbal directions.
26. Ability to form and maintain effective working relationships.
27. Ability to exercise independent judgment.
28. Physical condition commensurate with the demands of the position.