Search jobs > New York, NY > Chief information security

Chief Information Security Officer

City of New York
MANHATTAN
$108.1K-$163.1K a year
Full-time

IN ORDER TO BE CONSIDERED FOR THE POSITION CANDIDATATES MUST BE A CURRENT CITY EMPLOYEE AND BE SERVING PERMANENTLY IN THE TITLE OF CERTIFIED IT ADMINISTRATOR (LAN / WAN) OR HAVE TAKEN THE MOST RECENT CERTIFIED IT ADMINISTRATIOR (LAN / WAN) CIVIL SERVICE EXAM AND BE REACHABLE FOR APPOINTMENT FROM THE RECRUITING LIST.

The CISO is responsible for maintaining an information risk management and cybersecurity program for the New York City Deferred Compensation Plan (the Plan).

The CISO will work with all areas of the Plan’s business to develop a "best in class" information security and compliance program to assess appropriate technology platform risks and protect Plan information assets.

As such, the CISO acts as an advisor to the Plan’s CIO regarding the Plan’s compliance with the Citywide Information Security Policies.

Responsibilities include strategy, architecture, solutions design, program coordination and execution, awareness, outreach, business management, and reporting on information security program effectiveness.

This position requires a seasoned leader with strong business acumen and detailed working knowledge of information security technologies, practices, policies, and their application to a business.

CISO should research and offer innovative solutions and improvement of existing procedures.

The CISO is an implementer who possesses the poise and ability to act calmly and competently in high-pressure, high-stress situations.

This role is responsible for developing and managing strong strategic relationships within IT. Ensuring projects, initiatives and security platforms meet all required standards.

Duties and Responsibilities include, but are not limited to the following :

IT & Cyber Security Risk Management :

  • Continuously identifying, updating and maintaining information regarding potential security vulnerabilities, risk and threats to the enterprise information technology infrastructure, and distributing technology security information to appropriate staff.
  • Provide instructions and coordination regarding software configuration standards for servers and desktop systems that are or may be attached to the enterprise network where necessary to ensure information technology security.
  • Support corporate risk leadership to review enterprise IT and cyber risks, assess capabilities, prioritize security and risk strategies and communicate risk intelligence in a way that drives business decision-making.

CISO Program Governance & Management :

  • Develop policies, procedures, standards and partner with agency employees and consultants to ensure understanding of and adherence to the Citywide Information Security Policies.
  • Coordinates work activities, program functions with other NYC agencies, external business partners related to cyber / information security.
  • Work with the Plan’s external IT auditors during the annual Cyber Security Assessment.
  • Support the development, implementation and monitoring of a comprehensive enterprise information security, compliance and risk management program.
  • Oversee security awareness strategy and programs, including annual employee training and ongoing awareness campaigns to ensure all department employees understand and adhere to information technology policies and standards.
  • Responsible for ensuring compliance with City of New York, Citywide Information Security Policies.

Cyber Security Operations / Activities :

  • Track cyber security incidents and vulnerability reports, direct teams for remediation of issues.
  • Ensure identity and access management is properly documented in the ticketing system.
  • Produce documentation when / where needed.
  • Ensure all systems are equipped and updated with necessary cyber protection tools.
  • Continuously check for security gaps, document findings and take necessary measures to rectify issues discovered.
  • Verify patches, software updates are properly done. Missing patches, inconsistencies should be resolved.
  • Analyze vulnerability reports and operationalize them by providing specific guidance to IT support teams for remediation.
  • Assess endpoint system health and suggest improvement or remediation steps.
  • Monitor various security tools dashboard, scrutinize numbers, identify anomalies and communicate with appropriate internal and external partners.

Minimum Qualifications

Professional / vendor certification(s) in local area network administration that is required for the position to be filled.

In addition, all candidates must have the following :

1. A baccalaureate degree from an accredited college, and two years of satisfactory full-time (not classroom based) experience in local area network and / or wide area network planning, design, configuration, installation, implementation, troubleshooting, integration, performance monitoring, maintenance, enhancement, and security management; or

2. A four-year high school diploma or its educational equivalent and six years of satisfactory full-time (not classroom based) information technology experience of which at least 2 years must have been as described in "1" or

3. A satisfactory equivalent of education and / or experience equivalent to "1" or "2" above. Education may be substituted for experience on the basis that 30 undergraduate semester credits from an accredited college is equivalent to 6 months of experience.

A master’s degree in computer science or a related field from an accredited college may be substitute for one year of experience.

However, all candidates must have at least one year of satisfactory (not classroom based) full-time information technology experience as described in "1" above.

Note : In addition to meeting the minimum Qualification Requirements : Incumbents may be required to update existing and / or obtain additional professional industry-standard certification(s) for current and future technical environments(s) in which they may be assigned to work, as determined by the employing agency.

Preferred Skills

Minimum of 6 years’ experience managing information security programs, developing and applying information security, risk management, and privacy practices in local, state, or federal government.

Minimum of 6 years practical experience designing and implementing IT security solutions deep understanding of various security threats and preventative measures.

Familiarity with cyber-security frameworks such as NIST, CIS Controls, PCI-DSS, CCM etc. Strong demonstrated knowledge of LAN / WAN, systems administration, active directory, PowerShell, group policy, virtualization, cloud and IT security technologies.

Experience with systems access management, change management, security monitoring and intrusion detection, vulnerability management, endpoint security management, cloud security, data loss prevention, encryption, network security, disaster recovery, data management, physical security, vendor management.

Experience with CrowdStrike, McAfee, Pulse Secure, Cisco, firewalls, Windows Server, Rapid7, MS Office , Endpoint Security and Enterprise Mobility in the cloud.

IT certifications (1 or more) such as Security+, CISSP, CISA, CISM, CySA+, CRISC, C-CISO, SSCP, CASP, CEH, GIAC

55a Program

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

Public Service Loan Forgiveness

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs.

For more information, please visit the U.S. Department of Education’s website at class "jobad-residencyRequirement">

Residency RequirementNew York City Residency is not required for this position

30+ days ago
Related jobs
Natixis
New York, New York

This role reports to the Chief Information Security Officer (CISO) for CIB Americas, who ensures that the bank adheres to global policies, procedures, standards, and directives as well as all U. Assist in managing the Second Line of Defense Cybersecurity and Information Security frameworks. Perform ...

City of New York
Queens, New York

Our goal is to provide users with a reliable, stable, and safe computing environment, through the collaboration of: The Bureau of Technology Strategy & Project Management The Bureau of Network Technology & Telecommunication Services The Office of Information Security The Office of IT Administration ...

GDIT
New York, New York

Information Systems Security Officer (ISSO). HOW THE INFORMATION SYSTEMS SECURITY OFFICER WILL MAKE AN IMPACT:. The Information Systems Security Officer (ISSO) shall be the overall implementer for the MTC’s RMF program. The ISSO coordinates directly with the Government ISSM and is responsible for en...

00002 Citibank, N.A.
New York, New York

The Information Security Officer (Wealth - Investments & Data) is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. Overview of the Chief Information Security Office (CISO):. The Chief Information Security O...

CAMBA
Brooklyn, New York

Position: Chief Administrative Officer of Facilities Management, Procurement & Information Technology Reports To: CEO/President Location: 20 Snyder Avenue, Brooklyn, NY 11226 What Does the Chief Administrative Officer of Facilities Management, Purchasing and Information Technology Do: Building/S...

CAMBA
Brooklyn, New York

What Does the Chief Administrative Officer of Facilities Management, Purchasing and Information Technology Do:. Develops and oversees the implementation and maintenance of an internal Building Information System (BIS). Staff Management & General Administration – for Facilities Management, Purcha...

City of New York
Queens, New York

Our goal is to provide users with a reliable, stable, and safe computing environment, through the collaboration of: The Bureau of Technology Strategy & Project Management The Bureau of Network Technology & Telecommunication Services The Office of Information Security The Office of IT Administration ...

Crédit Agricole CIB
New York, New York

US Analyst - Chief Information Officer. Chief Information Officer, US Analyst. The CIO office assists the Chief Information Officer (CIO) is setting up solid IT & non-IT governance processes -a vision of repeatable processes, clear lines of accountability within the IT organization and consistent co...

CGS
New York, New York

CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and co...

CA CIB Americas
NEW YORK, US

Position: Chief Information Officer, US AnalystStart Date: ASAPUS Analyst Program Overview: This is a two-year contractual role for individuals who have graduated and currently hold 0-1 years of experience. Team description: The CIO office assists the Chief Information Officer (CIO) is setting up so...