Security Analyst Expert - PSI International (Schenectady)
Compensation: $95,696.67 - $187,860.00 /year *
Employment Type: Full-Time
Industry: Information Technology
Agency Name: NYS Department of Financial Services
Is this a Project/Program specific Position?
If YES, list the Project/Program Name:
Provide a short description of the Position:
IT systems security of Client.
Provide a list of the day to day tasks to be performed by the Selected Candidate:
The Security Analyst performs two core functions for the enterprise. The first is guiding the operations of the enterprise's security solutions through management of the organization's security analysts. The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions and guiding any vulnerability audits and assessments. The Security Analyst is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
Strategy & Planning
- Create and maintain the enterprise's security architecture design.
- Create and maintain the enterprise's security awareness training program.
- Create and maintain the enterprise's security documents (policies, standards, baselines, guidelines and procedures).
- Create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
Acquisition & Deployment
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
- Guide the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
- Ensure the enforcement of enterprise security documents.
- Guide all investigations into problematic activity and provide on-going communication with senior management.
- Guide the design and execution of vulnerability assessments, penetration tests and security audits.
- Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise-wide understanding of security goals, to solicit feedback and to foster co-operation.
Number of Position(s) being requested:
(Maximum of 5 per Attachment 7, Section 1.2.1)
Position Job Title:
(Per Attachment 4)
Position Skill Level:
(Per Attachment 4)
Number of Form 2 Candidate Responses allowed per Contractor, per Position?
(1 or 2 per Attachment 7, Section 1.2.2)
Target Start Date:
(30 Business Days minimum and 90 Calendar Days maximum from date of request)
Engagement Length in Months:
(2 to 30 per Attachment 7, Section 1.2.3)
Is this a Full or Part-Time Position?
(Full-Time is 40 Hours Per Week)
If Part-Time, enter approximate number of hours per week:
What are the daily work hours?
(Note if negotiable or list preferred start and end time):
Where is the Home Base Region?
(Per Attachment 4)
Where is the physical work office located?
One State Street Plaza, Second Floor, New York, New York 10004
What type of software is typically used by the Agency?
What type of hardware is typically used by the Agency?
Position Mandatory Qualification (Per Attachment 7, Section 1.2.4)
Plans and carries out security measures to protect an organization's computer networks and systems.
Skill level of Expert:
Expert (84+ months): Candidate is able to provide guidance to large teams and/or has extensive industry experience and is considered at the top of his/her field.
84 months of experience in enterprise security architecture design.
84 months of experience in designing and delivering employee security awareness training.
84 months of experience in designing and executing vulnerability tests.
84 months of experience in software security assurance.
Certifications in CISSP, CISA, or CISM
Additional Information Requests:
Are there additional security requirements for the Authorized User?
If YES, include the additional security requirements:
Will additional training potentially be required during the Engagement?
If YES, provide description of anticipated training:
What type and/or manner of knowledge transfer is requested during the Engagement?
Person to Person
Is travel anticipated during the Engagement?
If YES, list anticipated frequency and locations for travel:
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.