Chief Information Security Officer

New York, NY, United States

Company Description

Job Description

NOTE: All applicants must be current City of New York employees serving in a permanent Civil Service title of Computer Systems Manager or Computer Operations Manager. Please clearly state your permanent civil service title on your resume and cover letter.

The Office of the Comptroller's Bureau of Information Systems provides a full range of technology support services for key business functions and Charter mandated responsibilities of the Comptroller's Office. These services include technology strategic planning, web site development, graphic design, disaster recovery, systems development, network administration, audio/visual services, business process re-engineering, change management, program management, security administration, service desk, computer operations, telecommunications, and document management.

The Office of the Comptroller's is seeking a Chief Information Security Officer (CISO) who will lead in the implementation and management of information security controls that will increase the Agency's overall information security posture. Under the direction of the CIO, the successful candidate will be responsible for the integration of information security controls and overall information security awareness across all departments and units. The CISO will be responsible for the compliance of IT systems, applications and networks with security policies and information protection strategies; develop, publish, and maintain Agency information security policies, standards, procedures, and guidelines; provide technical guidance and training to information "owners," agency IT teams, and design and implement programs for user awareness, and security compliance monitoring. The candidate will analyze potential security risks or breaches that have occurred, and implement widely accepted and automated technologies to mitigate these risks/breaches and harden security systems for effective defense.

Responsibilities will include but are not limited to the following:

- Oversee Cyber Security Governance and Controls.

- Lead the development of Comptroller's Office Cyber Security Policies, Procedures and Standards review and refresh.

- Implement Controls and Compliance to enforce hardening of networks, endpoints and applications.

- Make recommendations to the Chief Information Officer on an information security roadmap based on risk analysis and assessments for current state and future state of information security posture.

- Manage the daily use and administration of strategic cyber risk and long-term threat intelligence products.

- Lead in developing communications for Comptroller's Office end users and stakeholders around cyber security issues.

-Develop and implement a user cybersecurity awareness and training program.

- Oversee sustained and successful participation by IT security in any cyber security relevant audits; perform threat modeling and subsequent risk mitigation.

-Plan and execute regular incident response and postmortem exercises.

- Manage cyber security private/public and Federal/City relationships; and manage special cyber security projects, as assigned.

-Evaluate budgets to determine and justify the cost of cyber security upgrades.

-Stay current with and remain knowledgeable on new threats and advanced threat detection techniques.

-Performs other related assignments and special projects as may be required.

QUALIFICATION REQUIREMENTS: All applicants must be current City of New York employees serving in a permanent Civil Service title of Computer Systems Manager or Computer Operations Manager. Please clearly state your permanent civil service title on your resume and cover letter.

Qualifications

1. A master's degree in computer science from an accredited college or university and three (3) years of progressively more responsible, full-time, satisfactory experience in Information Technology (IT) including applications development, systems development, data communications and networking, database administration, data processing, or user services. At least eighteen (18) months of this experience must have been in an administrative, managerial or executive capacity in the areas of applications development, systems development, data communications and networking, database administration, data processing or in the supervision of staff performing these duties; or

2. A baccalaureate degree from an accredited college or university and four (4) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or

3. A four-year high school diploma or its educational equivalent, and six (6) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or

4. A satisfactory combination of education and experience equivalent to "1", "2" or "3" above. However, all candidates must have at least a four-year high school diploma or its educational equivalent and must possess at least three (3) years of experience as described in "1" above, including the eighteen (18) months of administrative, managerial, executive or supervisory experience as described in "1" above.

In the absence of a baccalaureate degree, undergraduate credits may be substituted for a maximum of two (2) years of the required experience in IT on the basis of 30 semester credits for six (6) months of the required experience. Graduate credits in computer science may be substituted for a maximum of one (1) year of the required experience in IT on the basis of 30 graduate semester credits in computer science for one (1) year of the required IT experience. However, undergraduate and/or graduate credits may not be substituted for the eighteen (18) months of experience in an administrative, managerial, executive, or supervisory capacity as described in "1" above.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.