Review Vacancy
The date on which the vacancy post was submitted.Date Posted 03/17/25
The last date that applications will be accepted.Applications Due04/01/25
This is the unique identifier for this vacancy.Vacancy ID182998
Indicates whether if this vacancy posting is part of the NY HELPS Program.NY HELPNo
The agency in which the vacancy exists.AgencyHomeland Security and Emergency Services, Division of
The job title for the vacancy.TitleIntelligence Analyst 1 (Information Systems)
The job title for the vacancy.Occupational CategoryOther Professional Careers
The salary grade for this vacancy. Salaries are determined by salary grade and bargaining unit.Salary Grade25
The collective bargaining unit to which this vacancy is assigned.Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
The minimum and maximum of the salary range for this vacancy.Salary RangeFrom $93530 to $117875 Annually
Indicates whether this job is full-time or part-time. If the job is part-time, an estimated percentage will be provided. Employment Type Full-Time
This indicates the type of job, typically permanent, temporary, or provisional. 'Provisional' means that the appointment will be temporary until the incumbent takes and passes an appropriate civil service examination. Appointment Type Contingent Permanent
Estimates the percentage of time incumbents of this vacancy will be required to travel. Travel Percentage 30%
This provides information on the expected workweek. Workweek Mon-Fri
The number of hours in the workweek, typically 37.5 or 40 for full time, or any other number for part time.Hours Per Week 37.5
Workday
If checked, the agency allows flextime. Flextime allowed? No
If checked, this vacancy includes mandatory overtime. Mandatory overtime? No
If checked, this agency allows compressed workweek scheduling. Compressed workweek allowed? No
If checked, this agency allows telecommuting for this position. Telecommuting allowed? Yes
The county in which the vacancy is located. County New York
The street address where the vacancy is located. Street Address 633 3rd Ave.
The city where the vacancy is located. City New York
The state where the vacancy is located (the default is New York). StateNY
The zip code where the vacancy is located. Zip Code10017
The duties that the incumbent of the vacancy will be expected to perform. Duties Description The incumbent will report to the Cyber Incident Response Team (CIRT) in the Office of Counter Terrorism (OCT). Duties include but are not limited to:
• Serve as a subject matter expert in cybersecurity incident response.
• Provide cyber incident response support, including digital forensics and root cause analysis, for confirmed actionable incidents such as detected cyber-attacks, malware infections, or ransomware events.
• Determine root cause(s) of a cyber incident and provide affected entities with actionable recommendations to contain, eradicate, and mitigate threats.
• Respond to reported cyber incidents swiftly and ensure all incidents are documented accurately in the tracking system in a timely manner.
• Escalate and brief leadership on cyber incidents, especially those that could have an impact to health, safety, and state operations.
• Maintain clear and consistent communication with cyber partners across New York State throughout the incident response process.
• Use incident data to identify specific vulnerabilities and provide recommendations to help strengthen the affected entities security posture and prevent future threats.
• Continuously develop, review, and update digital forensics and incident response policies, procedures, and user guides to support program growth and improvement.
• Manage the digital forensics and incident response lab functions, including managing tools, resources, and workflows to stay current and prepared.
• Effectively communicate cybersecurity details and technical analysis to audiences within an organization to ensure appropriate actions are taken by decision-makers.
• Communicate cyber threats and vulnerabilities clearly and concisely, both verbally and in writing, to state and local officials, ensuring they are informed and able to take appropriate action.
• Maintain up-to-date technical knowledge of cybersecurity issues and emerging trends to stay ahead of potential risks and support proactive security development.
• Assist in developing and distributing actionable strategic, technical, and tactical cyber information and intelligence to non-executive agencies, local governments, and public authorities through weekly, monthly, or ad hoc reports, briefings, and presentations.
• Support cybersecurity meetings, presentations, seminars, etc., to foster information-sharing and raise awareness across relevant stakeholders.
• Support training exercises targeted to non-executive agencies, local governments, and public authorities focusing on cybersecurity best practices.
• Support other CIRT program areas as required.
• Travel is required
The minimum qualifications required for this vacancy. Minimum Qualifications Non-competitive:
Bachelor’s degree with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience including two years of information security or information assurance experience*.
*Experience solely in information security or information assurance may substitute for
the general information technology experience.
Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate degree requires an additional two years of general information technology experience.
Desired SANS Global Information Assurance Certifications:
Certified Incident Handler Certification, GCIH
Certified Forensic Analyst, GCFA
Certified Forensic Examiner, GCFE
Cloud Forensics Responder, GCFR
Enterprise Incident Responder, GEIR
Network Forensic Analyst, GNFA
Penetration Tester Certification, GPEN
Reverse Engineering Malware, GREM
Web Application Penetration Tester, GWAPT
Additional comments regarding the vacancy. Additional Comments This position is eligible for location pay of $4,000.
Possession and maintenance of a valid Driver’s License issued by the NYS Department of Motor Vehicle is required, or otherwise demonstrate the capacity to meet the transportation needs of the job.
NOTE: Support of operations during times of emergency and disaster from State Emergency Operations Center (EOC), state field offices and/or local deployments may be required, which would result in a change and/or increase in working hours, locations and/or duties.
NOTE ON TELECOMMUTING: Employees are required to apply and obtain approval through management to telecommute according to the agency’s Telecommuting Program Guidelines.
Some positions may require additional credentials or a background check to verify your identity.
The name of the contact person for this vacancy. Name Human Resources/SB
The telephone number to use for questions about this vacancy. Telephone 518-486-5700
The fax to use for this vacancy. Fax 518-485-8432
Email address for emailing applications, or to ask questions about this vacancy. Email Address HRresumes@dhses.ny.gov
Address
The street address of the contact for this vacancy. Street NYS Division of Homeland Security and Emergency Services, HRM
1220 Washington Ave., Bldg. 7A, 5th Floor
The city for the contact for this vacancy. City Albany
The state of the contact for this vacancy (the default is New York). State NY
The zip code for the contact for this vacancy. Zip Code 12226
Instructions for potential applicants.Notes on ApplyingPlease submit a resume and cover letter detailing how you meet the minimum qualifications. Indicate the Position Title & Vacancy ID 182998 in the subject line of your application email to HRresumes@dhses.ny.gov.