Security Architect

New York, NY, United States

The New York City Department of Transportation's (DOT) IT & Telecom division is seeking a capable Information Security Engineer, who enjoys security work and possesses both deep and wide expertise in the cybersecurity space. Under the direction of the Executive Director of Information Security and in coordination and cooperation with DOT business units, the successful candidate will help implement and monitor security controls, conduct regular system tests and ensuring continuous monitoring of the Agency's information systems. Promptly respond to all security incidents and provide thorough post-event analyses. Make things more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing the Agency's information.

Responsibilities:

Ensure that security architecture and designs, plans, controls, standards, and policy/procedures conform with best practices and are aligned with Citywide security policies, and the Agency's strategic security plan; Plan, define and maintain policies, standards, configuration standard operating procedures and guidelines regarding security, identity, and access; Monitors industry developments; liaises with vendors. Ensures compliance with Citywide and agency security policies and standards. Recommends updates and improvements to agency security policies and standards; Identify probable system exposure, compromise, problems, or design flaws and escalates issues to limit serious performance impact; Define, manage, and monitor data security, confidentiality, integrity, and availability; Analyze and design security controls to secure network infrastructure to maximize performance and capacity; Plan and initiate

new security infrastructure architecture or design changes;

Consult with business units to provide IT Security policy guidance; As per requirement, offers support to application development, network, server, database and storage teams regarding new technologies, services, and system requirements; Define, manage, and monitor security systems, including procedures for detecting, reporting, and responding to computer security incidents; Serves as subject matter expert regarding security design of applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services; Liaise with vendors, as necessary; Monitor developments regarding various IT architectural platforms, including hardware, software and network communication components, operating systems, LDAP, server networking, basic load-balancing, DNS, certificate management, and HTTPS; Review and analyze design and/or accreditation documentation to ensure appropriate security controls are in place; Perform security assessments of applications and network infrastructure; Oversees multiple projects; Architect, design, implement, maintain, and operate information system security controls and countermeasures; Responds to information systems security incidents, implement, countermeasures, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.

Minimum Qualifications

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to "1" above.

Preferred Skills

Preferred Skills: A solid understanding of information security standards & methodologies Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies Security database management systems, software applications and technologies Experience with Endpoint Detection and Response products and services Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies Experience with one or more major cloud service provider (AWS, Google Cloud, or Microsoft Azure) Experience with software vulnerabilities, how CVEs are reported, and how they relate to specific system packages and remediations Experience in building and maintaining security systems Detailed technical knowledge of database and operating system security Experience with network security and networking technologies and with system, security, and network monitoring tools Thorough understanding of the latest security principles, techniques, and protocols Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols Problem solving skills and ability to work under pressure Windows and Linux skills desired Experience with SIEM tools Certifications such as CISSP, GSEC, CEH or CISM desired Previous role as a Security Architect.

Residency Requirement

New York City Residency is not required for this position

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

#J-18808-Ljbffr