Manager Information Technology Services 1 (Infomation ...

NY HELP No Agency Information Technology Services, Office of Title Manager Information Technology Services 1 (Infomation Security) Occupational Category I.T. Engineering, Sciences Salary Grade 27 Bargaining Unit PS&T - Professional, Scientific, and Technical (PEF) Salary Range From $106898 to $131665 Annually Employment Type Full-Time Appointment Type Contingent Permanent Jurisdictional Class Non-competitive Class Travel Percentage 0% Workweek Mon-Fri Hours Per Week 37.5 Workday From 8 AM To 5 PM Flextime allowed? No Mandatory overtime? No Compressed workweek allowed? No Telecommuting allowed? Yes County Albany Street Address 50 Wolf Road, Floor 2 City Albany State NY Zip Code 12232 Duties Description The New York State Office of Information Technology Services (ITS) provides operational support 24 hours a day, 7 days a week, 365 days of the year, supporting more than 4,900 applications for 53 New York State Agencies.The New York State Department of Transportation (DOT) Office of Traffic Safety and Mobility (OTSM) and ITS are in year one of five years, implementing a Technology Plan designed to improve both safety and mobility by enhancing, streamlining, and improving resiliency of transportation system management and operations (TSMO) strategies. The portfolio of work includes 29 overall projects that address governance, legacy technology replacement, and installation of proven technology innovations. OTSM and ITS have established a joint Operational Technology Team (OT Team) to design, build, test and implement the portfolio of work and provide ongoing operational support of the portfolio. Under the direction of the Director of IT/OT Convergence within Dedicated Support, Department of Transportation (DOT), the Manager Information Technology Services 1 (Information Security) will be responsible for developing, implementing, and maintaining the organization's information security program, with a specific focus on OT environments within the transportation sector. This includes securing Intelligent Transportation Systems, ensuring transportation safety, and protecting critical infrastructure. The role focuses on protecting the confidentiality, integrity, and availability of OT/IT systems. The OT/IT Security Officer will collaborate with the TSMO Technology team to establish and maintain a robust and effective security posture across the TSMO landscape.Duties include, but are not limited to, the following:OT/IT Security Program Development and Managementu2022 Develop, implement, and maintain a comprehensive OT/IT security program aligned with industry best practices (e.g., NIST 800-82, ISA/IEC 62443, Transportation Security Administration (TSA) guidelines), regulatory requirements, and organizational policies.u2022 Conduct risk assessments and vulnerability assessments of OT/IT systems and infrastructure to identify security gaps and prioritize remediation efforts.u2022 Develop and maintain OT/IT security policies, standards, and procedures, specifically addressing transportation safety concerns.u2022 Establish and manage an OT/IT security awareness training program for employees, contractors, and transportation partners.u2022 Perform the full range of supervisory duties.Security Architecture and Implementation u2022 Design and implement secure network architectures for OT/IT environments, including network segmentation, firewalls, intrusion detection/prevention systems (IDS/IPS), and other security controls.u2022 Evaluate and recommend security technologies and solutions for OT/IT systems, considering the unique challenges of transportation environments (e.g., mobile assets, remote locations).u2022 Oversee the implementation and configuration of security controls on OT/IT devices and systems, including those used in vehicles, traffic management centers, and roadside infrastructure.u2022 Ensure proper patching and vulnerability management processes are in place for OT/IT assets, with consideration for the operational impact of cident Response and Forensicsu2022 Develop and maintain an OT/IT incident response plan, specifically addressing transportation-related incidents (e.g., traffic signal manipulation, vehicle hacking).u2022 Lead and participate in OT/IT security incident investigations.u2022 Conduct forensic analysis of OT/IT systems to identify the root cause of security incidents.u2022 Coordinate with OITS security teams and transportation authorities on cross-functional incident response activities.Transportation Safety and Complianceu2022 Ensure network infrastructure complies with relevant transportation safety regulations and standards (e.g., FRA, FTA, DOT).u2022 Participate in safety audits and risk assessments related to OT network infrastructure.u2022 Implement and maintain network configurations that support failover and redundancy to ensure system availability in critical pliance and Auditingu2022 Ensure compliance with relevant regulatory requirements and industry standards (e.g., NERC CIP (if applicable), TSA security directives, state DOT regulations).u2022 Conduct regular security audits and assessments of OT/IT systems.u2022 Manage and respond to internal and external audit findings.Collaboration and Communicationu2022 Collaborate with relevant teams to ensure a coordinated approach to security.u2022 Communicate security risks and vulnerabilities to stakeholders in a clear and concise manner, emphasizing the impact on transportation safety and efficiency.u2022 Stay up-to-date on the latest OT/IT security threats, vulnerabilities, and trends, including those specific to the transportation sector.u2022 Participate in industry forums and working groups to share knowledge and best practices related to transportation security.Vendor Managementu2022 Assess the security posture of OT/IT vendors and service providers.u2022 Review and approve security requirements for OT/IT vendor contracts.u2022 Monitor vendor compliance with security policies and standards. Minimum Qualifications MINIMUM QUALIFICATIONS:Non-competitive: Seven years of information technology, cybersecurity, or information assurance experience, including one year at the supervisory level.EDUCATION/EXPERIENCE SUBSTITUTIONS:A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bacheloru2019s substitutes for two years of required experience.An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience. Candidates in a bacheloru2019s degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience.A masteru2019s degree or higher in computer science or related field substitutes for one year of required experiencePREFERRED QUALIFICATIONS:Certificationsu2022 Preference for candidates holding relevant Information Security industry certification, including but not limited to Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control (CRISC).Skillsu2022 Strong understanding of OT/IT systems, including industrial control systems (ICS), SCADA systems, and distributed control systems (DCS).u2022 Knowledge of OT/IT architectures, communication protocols, and security considerations.u2022 Knowledge of OT/IT security standards and frameworks (e.g., NIST 800-82, ISA/IEC 62443).u2022 Experience with network security technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.u2022 Experience with vulnerability assessment and penetration testing tools.Soft Skillsu2022 Strong analytical and problem-solving skills.u2022 Excellent communication and interpersonal skills.u2022 Ability to work independently and as part of a team.u2022 Ability to prioritize tasks and manage time effectively.u2022 Ability to communicate technical information to non-technical audiences.u2022 Strong leadership and mentoring skills.Please Note:u2022 Appointment to this position and continued employment with the agency is contingent upon obtaining and/or maintaining New York State residency within six months of hiring. u2022 Appointment to this position is not final until all agency approvals have been granted. Additional Comments ITS will not offer permanent employment to any candidate unless the candidate provides documentation that they are authorized to accept work in the United States on a permanent basis. It is the policy of ITS not to hire F1 or H1 visa holders for permanent employment or to sponsor non-immigrant aliens for temporary work authorization visas or for permanent residence.Fingerprinting and background check are required for employment with ITS.Details of the position will be described further if you are selected for an interview. Salary Commensurate with experience Benefits of Working for NYS Generous benefits package, worth 65% of salary, including: Holiday & Paid Time Off u2022 Thirteen (13) paid holidays annually u2022 Up to Thirteen (13) days of paid vacation leave annually u2022 Up to Five (5) days of paid personal leave annually u2022 Up to Eight (8) days of paid sick leave annually u2022 Up to three (3) days of professional leave annually to participate in professional development Health Care Benefits u2022 Eligible employees and dependents can pick from a variety of affordable health insurance programs u2022 Family dental and vision benefits at no additional cost Additional Benefits u2022 New York State Employeesu2019 Retirement System (ERS) Membership u2022 NYS Deferred Compensation u2022 Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds u2022 Public Service Loan Forgiveness (PSLF) u2022 And many moreThe Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.This position may require critical services to be performed outside of normal work schedule. Some positions may require additional credentials or a background check to verify your identity. Name Michael Penticuff Telephone 518-473-0398 Fax 518-402-4924 Email Address Address Street Empire State Plaza Swan Street Building, Core 4, Floor 1 City Albany State NY Zip Code 12220 Notes on Applying To apply, please submit a cover letter and resume. Please indicate that you are applying for the Manager Information Technology Services 1 (Information Security) position and include the Vacancy ID in the subject of your email.Your Social Security number may be required to confirm eligibility.

Created: 2025-10-06