SENIOR INFORMATION SECURITY ARCHITECT

The Department of Social Services (DSS) is comprised of the administrative units of the New York City Human Resources Administration (HRA) and the Department of Homeless Services (DHS).

HRA is dedicated to fighting poverty and income inequality by providing New Yorkers in need with essential benefits such as Food Assistance and Emergency Rental Assistance.

DHS is committed to preventing and addressing homelessness in New York City by employing a variety of innovative strategies to help families and individuals successfully exit shelter and return to self-sufficiency as quickly as possible.

Information Technology Services (ITS) is DSS’s technology services organization. ITS mission is to support the daily, emergent, and long-term needs of both agencies.

ITS creates and enhances the technology infrastructure and computer applications that support HRA and DHS and develops applications, including a variety of client eligibility and recertification systems, case management systems, housing systems, employment / work engagement services, revenue producing computer matches, claiming systems, and personnel systems.

Information Technology Services (ITS) is recruiting for one Senior IT Architect, to function as a Senior Information Security Architect, who will :

Develop and maintain IT architecture diagrams of the security architecture for IT solutions, applying the

latest security concepts and strategies to meet the security requirements of the Agency and City.

Define and maintain the security risk management and mitigation methodology, principles, roadmap,

standards and guidelines for the IT architecture team, for security resilience implementation, reuse,

interoperability and integration.

Confirm the conformance of applications, components, and services to established City and Agency

cybersecurity standards. Ensure. compliance with architecture security standards and guidelines

throughout the application development lifecycle.

Assist with major internally developed projects, to ensure security is properly considered, and in the

selection of new software products, to assess and analyze their compliance with security mandates

and best practices. This includes ensuring that continued security monitoring is implemented and

performed after the deployment of internally developed or procured software products, documenting

software security accreditation and training personnel on the latest cybersecurity best practices.

Identify probable system security problems or security design flaws, by analyzing architecture designs

and performing security vulnerability testing, and escalates issues to the CIO before serious security

breaches occur.

Hours / Shift :

Normal Business Hours

Minimum Qualifications

1. A baccalaureate degree from an accredited college in computer science, information systems, engineering, mathematics or related field and six years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and / or IT infrastructure systems; or

2. A baccalaureate degree from an accredited college and ten years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and / or IT infrastructure systems; or

3. Education and / or experience which is equivalent to "1" or "2" above.

Preferred Skills

• Experience in the field of information security with a demonstrated path of increasing scope and management responsibilities.
• Excellent interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout the organization.
• Relevant security certification CISSP, CISM, GCP. - Cloud security certifications (AWS, Azure, Google). - Expertise in security frameworks such as ISO , NIST -53, NIST Cybersecurity Framework.
• Experience implementing security solutions and processes Identity and Access Management, Multi-Factor Authentication, Web Application Firewall, EndPoint solutions, Web Application Assessment securing cloud computing architecture including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) developing Zero Trust Architecture including Secure Access Service Edge (SASE) design principles.
• Experience with modern development processes and architecture including containerized delivery models. - Experience in government desired.

Residency Requirement

New York City Residency is not required for this position