
SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Joint Security Operations Center Program Manager
Company NYS Office of Information Technology Services
Location Brooklyn, NY
Preferred GIAC Certifications GSEC, GSOM
Travel 10%
Salary From $124534 to $157338 Annually
Contact Name Louise Nails
Contact Email HRResumes/at/
Expires 2022-07-13

Job Description

Under the direction of the Chief Information Security Officer for NYS Office of Information Technology Services, the Program Manager will provide leadership to ensure the New York State activities related to establishing the Joint Security Operations Center (JSOC) are identified, coordinated, and addressed in a timely manner. The New York JSOC will serve as a first-of-its-kind hub for information sharing and cyber coordination across New York State, New York City, local and regional governments, critical infrastructure stakeholders and federal partners.

This position will initially establish the JSOC and then will transition into the leadership role directing ITS JSOC activities and continuously developing the program to maximize value of the services offered by the JSOC to participating entities.

The position requires the incumbent to act with a great deal of independence in alignment with agency and upper-level management’s strategic direction. The incumbent must be able to communicate clearly orally and in writing with various individuals including executive management, users, vendors, IT and Cybersecurity personnel regarding work priorities and performance. The selected candidate will have to work with representatives from multiple agencies and partners to resolve technically complex and politically sensitive issues under pressure.

The position requires availability during off-shift hours to ensure appropriate response to security incidents or other critical activities.

Duties include, but are not limited to:

• Manage the project to create and establish the JSOC in alignment with stakeholder guidance
o Provide leadership to assist with the planning, development, and delivery of the framework & governance model for the Joint Security Operations Center.
o Provide guidance and input on active projects to help resolve issues/problems to ensure successful outcomes are achieved.
o Lead NYS JSOC planning meetings and deliver presentations and/or proposals to high-level management for their review and consideration, including formulating recommendations on key programmatic decisions.
o Work with NYS leadership, external stakeholders, including NYC OIT and other participating entities to ensure JSOC goals are met.

• Develop the JSOC program with input from key stakeholders
o Develop a program for JSOC including security event monitoring, incident detection, notification, hand-off, and reporting.
o Develop policies and procedures within the JSOC that reflect applicable laws, policies, procedures, and regulations.

• Oversee and manage the ITS JSOC operations once established
o Oversee and maintain the program for JSOC.
o Develop and drive the strategic goals of the JSOC.
o Provide leadership, vision, and support to the JSOC on activities related to threat and vulnerability monitoring, security event monitoring and response, and alerting.
o Manage analysis and distribution of threat or target information within JSOC partners and participants.
o Interface with external organizations to ensure appropriate and accurate dissemination of event, incident, threat, and other cybersecurity information.
o Manage analysis and distribution of threat information within JSOC partners and participants.
o Provide reports, summaries, and other situational awareness information to higher level executives.
o Oversee logistics management related to facilities, equipment, and staffing.
o Act as liaison on behalf of NYS for issues and items related to JSOC management.
o Participate in talent management (acquisition, retention, training, etc.).
o Supervise staff in the proper performance of their duties.

Six years of information technology or project and program management experience, including five years of information security or information assurance experience and four years at a supervisory level or two years at a managerial level.
Bachelor’s degree with at least 15 credit hours in cyber security, information assurance or information technology.
Note: Bachelor’s degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology or project and program management experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of general information technology experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

Preferred Qualifications:

Master’s Degree with a concentration or a major in Information Security, Cyber Security, Digital Forensics, or a related field OR Master’s Degree with a concentration in Business Administration, Public Administration, Information Technology, or a related field with a certification in Information Security Management (e.g., CISSP, GSLC, GSTRT, CISM, CCISO)

Ability to obtain and maintain federal secret clearance

Certifications in one or more of the following:

• Information Security Management (e.g., CISSP, GSLC, GSTRT, CISM, CCISO)
• Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, GCIH)
• Cyber Threat Intelligence (e.g., CTIA, GCTIA, CCIP, CSTIR)
• Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
• Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)

• 5+ years’ experience leading cyber projects and/or developing cybersecurity programs
• 5+ years’ experience in leading a team in related work
• 5+ years’ experience in cybersecurity event management
• 5+ years’ experience in information security incident response
• 5+ years’ experience in technical writing
• 3+ years’ experience in developing metrics and key performance indicators
• 3+ years’ experience in process development and process improvement
• 3+ years’ experience in using SIEM technologies to support in-depth investigations
• 1+ years’ experience in communicating with and reporting out to executive management

Candidate should be able to demonstrate the following skills and experience:
• Excellent Communication Skills
• Program Management and Reporting
• Ability to provide strong leadership and oversight including specific competencies in:
o Communication and consensus-building
o Ability to make decisions and drive program goals
o Flexibility due to changing demands and constraints
o Demonstrate leadership skills and positivity during times of change
• Critical thinking, problem solving, and analytical skills

Working Knowledge of:
• Information Security (CIA Triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture and Engineering)
• Technical security solutions (e.g., IDS/IPS, Firewalls, WAF, EDR, SIEM, SOAR, etc.)