Manager Information Technology Services 1 (Infomation Security) jobs in United States
cer-icon
Apply on Employer Site
company-logo

NYS Office of Information Technology Services · 2 weeks ago

Manager Information Technology Services 1 (Infomation Security)

positionNew York, NY
timeFull-time
remoteOnsite
senioritySenior Level
money$107K/yr - $132K/yr
date7+ years exp

The New York State Office of Information Technology Services (ITS) is responsible for providing operational support for various applications across state agencies. The Manager Information Technology Services 1 (Information Security) will develop and maintain the organization's information security program, focusing on securing transportation systems and protecting critical infrastructure.

Cyber SecurityGovernmentInformation TechnologyIT Infrastructure
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Develop, implement, and maintain a comprehensive OT/IT security program aligned with industry best practices (e.g., NIST 800-82, ISA/IEC 62443, Transportation Security Administration (TSA) guidelines), regulatory requirements, and organizational policies
Conduct risk assessments and vulnerability assessments of OT/IT systems and infrastructure to identify security gaps and prioritize remediation efforts
Develop and maintain OT/IT security policies, standards, and procedures, specifically addressing transportation safety concerns
Establish and manage an OT/IT security awareness training program for employees, contractors, and transportation partners
Perform the full range of supervisory duties
Design and implement secure network architectures for OT/IT environments, including network segmentation, firewalls, intrusion detection/prevention systems (IDS/IPS), and other security controls
Evaluate and recommend security technologies and solutions for OT/IT systems, considering the unique challenges of transportation environments (e.g., mobile assets, remote locations)
Oversee the implementation and configuration of security controls on OT/IT devices and systems, including those used in vehicles, traffic management centers, and roadside infrastructure
Ensure proper patching and vulnerability management processes are in place for OT/IT assets, with consideration for the operational impact of downtime
Develop and maintain an OT/IT incident response plan, specifically addressing transportation-related incidents (e.g., traffic signal manipulation, vehicle hacking)
Lead and participate in OT/IT security incident investigations
Conduct forensic analysis of OT/IT systems to identify the root cause of security incidents
Coordinate with OITS security teams and transportation authorities on cross-functional incident response activities
Ensure network infrastructure complies with relevant transportation safety regulations and standards (e.g., FRA, FTA, DOT)
Participate in safety audits and risk assessments related to OT network infrastructure
Implement and maintain network configurations that support failover and redundancy to ensure system availability in critical situations
Ensure compliance with relevant regulatory requirements and industry standards (e.g., NERC CIP (if applicable), TSA security directives, state DOT regulations)
Conduct regular security audits and assessments of OT/IT systems
Manage and respond to internal and external audit findings
Collaborate with relevant teams to ensure a coordinated approach to security
Communicate security risks and vulnerabilities to stakeholders in a clear and concise manner, emphasizing the impact on transportation safety and efficiency
Stay up-to-date on the latest OT/IT security threats, vulnerabilities, and trends, including those specific to the transportation sector
Participate in industry forums and working groups to share knowledge and best practices related to transportation security
Assess the security posture of OT/IT vendors and service providers
Review and approve security requirements for OT/IT vendor contracts
Monitor vendor compliance with security policies and standards

Qualification

OT/IT security programIncident response planningNetwork security architectureVulnerability assessmentInformation Security certificationsNIST standardsIDS/IPSAnalytical skillsCommunication skillsTeamwork skillsTime managementLeadership skills

Required

Seven years of information technology, cybersecurity, or information assurance experience, including one year at the supervisory level
A bachelor's or higher-level degree in any field including or supplemented by 15 semester credit hours in computer science or related field substitutes for three years of required experience; any bachelor's substitutes for two years of required experience
An associate degree with 15 semester credit hours in computer science or related field may substitute for one year of required experience
Candidates in a bachelor's degree program with at least 15 semester credit hours in computer science or related field may substitute such credits for one year of required experience
A master's degree or higher in computer science or related field substitutes for one year of required experience

Preferred

Preference for candidates holding relevant Information Security industry certification, including but not limited to Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control (CRISC)
Strong understanding of OT/IT systems, including industrial control systems (ICS), SCADA systems, and distributed control systems (DCS)
Knowledge of OT/IT architectures, communication protocols, and security considerations
Knowledge of OT/IT security standards and frameworks (e.g., NIST 800-82, ISA/IEC 62443)
Experience with network security technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs
Experience with vulnerability assessment and penetration testing tools
Strong analytical and problem-solving skills
Excellent communication and interpersonal skills
Ability to work independently and as part of a team
Ability to prioritize tasks and manage time effectively
Ability to communicate technical information to non-technical audiences
Strong leadership and mentoring skills

Benefits

Thirteen (13) paid holidays annually
Up to Thirteen (13) days of paid vacation leave annually
Up to Five (5) days of paid personal leave annually
Up to Eight (8) days of paid sick leave annually
Up to three (3) days of professional leave annually to participate in professional development
Eligible employees and dependents can pick from a variety of affordable health insurance programs
Family dental and vision benefits at no additional cost
New York State Employees’ Retirement System (ERS) Membership
NYS Deferred Compensation
Access to NY 529 and NY ABLE College Savings Programs, as well as U.S. Savings Bonds
Public Service Loan Forgiveness (PSLF)
And many more

Company

NYS Office of Information Technology Services

twittertwittertwitter
company-logo
New York State Office of Information Technology Services (ITS) is transforming how State government delivers services to New Yorkers and local governments.
dateFounded in 2012
location
Albany, New York, USA
people-size5001-10000 employees
web-link
https://its.ny.gov/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Gary Moore
CTO, Enterprise ITS - WorkPlace Solutions - Nano Tech
linkedin
leader-logo
Venkatesh Nattanmai
Deputy Chief Technology Officer - Service Delivery
linkedin

Recent News

Government Technology US
Scouting Gen Z: Finding Next-Generation Gov Tech Talent
2025-11-08
Government Technology US
Now Hiring: New York State Seeks a New Chief AI Officer
2025-07-24
Government Technology US
N.Y. State Deputy CIO Jennifer Lorenz to Leave ITS Job
2025-05-21
Company data provided by crunchbase