Agency Chief Information Security Officer

Company Description

Job Description

Job Description

The CISO is responsible for maintaining an information risk management and cybersecurity program for the New York City Deferred Compensation Plan (the Plan). The CISO will work with all areas of the Plan's business to develop a "best in class" information security and compliance program to assess appropriate technology platform risks and protect Plan information assets. As such, the CISO acts as an advisor to the Plan's CIO regarding the Plan's compliance with the Citywide Information Security Policies.

Responsibilities include strategy, architecture, solutions design, program coordination and execution, awareness, outreach, business management, and reporting on information security program effectiveness. This position requires a seasoned leader with strong business acumen and detailed working knowledge of information security technologies, practices, policies, and their application to a business. CISO should research and offer innovative solutions and improvement of existing procedures.

The CISO is an implementer who possesses the poise and ability to act calmly and competently in high- pressure, high-stress situations. This role is responsible for developing and managing strong strategic relationships within IT. Ensuring projects, initiatives and security platforms meet all required standards.

Duties and Responsibilities include, but are not limited to the following :

IT & CYBER SECURITY RISK MANAGEMENT :

• Continuously identifying, updating and maintaining information regarding potential security vulnerabilities, risk and threats to the enterprise information technology infrastructure, and distributing technology security information to appropriate staff.
• Provide instructions and coordination regarding software configuration standards for servers and desktop systems that are or may be attached to the enterprise network where necessary to ensure information technology security.
• Support corporate risk leadership to review enterprise IT and cyber risks, assess capabilities, prioritize security and risk strategies and communicate risk intelligence in a way that drives business decision- making.

CISO PROGRAM GOVERNANCE & MANAGEMENT :

CYBER SECURITY OPERATIONS / ACTIVITIES :

CERTIFIED IT ADMINISTRATOR (LA - 13652

Qualifications

Professional / vendor certification(s) in local area network administration that is required for the position to be filled. In addition, all candidates must have the following :

1. A baccalaureate degree from an accredited college, and two years of satisfactory full-time (not classroom based) experience in local area network and / or wide area network planning, design, configuration, installation, implementation, troubleshooting, integration, performance monitoring, maintenance, enhancement, and security management; or

2. A four-year high school diploma or its educational equivalent and six years of satisfactory full-time (not classroom based) information technology experience of which at least 2 years must have been as described in "1" or

3. A satisfactory equivalent of education and / or experience equivalent to "1" or "2" above. Education may be substituted for experience on the basis that 30 undergraduate semester credits from an accredited college is equivalent to 6 months of experience. A master's degree in computer science or a related field from an accredited college may be substitute for one year of experience. However, all candidates must have at least one year of satisfactory (not classroom based) full-time information technology experience as described in "1" above.

Note : In addition to meeting the minimum Qualification Requirements : Incumbents may be required to update existing and / or obtain additional professional industry-standard certification(s) for current and future technical environments(s) in which they may be assigned to work, as determined by the employing agency.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.