Cyber Risk Analyst, Office of Chief Information Officer

Job Description

OPEN TO PERMANENT COMPUTER SYSTEMS MANAGER **

The Division of Information Technology's mission and vision is to promote and protect the health of all New Yorkers through the use of innovative technology and health information that is useful and available.

DUTIES WILL INCLUDE BUT NOT BE LIMITED TO:
- Collaborate with cross-functional teams to identify and assess cybersecurity risks associated with digital operations, applications, cloud solutions, firewalls, IoT devices, software, custom development, and technology acquisitions.
- Fulfill risk assessment tickets in a timely manner, ensuring accurate documentation and meeting go-live conditions.
Stay abreast of the latest security, privacy, and regulatory concerns, ensuring a proactive approach to third-party risk management. Advise the organization on security and privacy provisions within agreements or contracts, responding to changes requested by third parties to ensure compliance and data protection.
- Develop and implement efficient processes for risk acceptances, balancing business needs with cybersecurity requirements for various technology domains.
- Lead initiatives to enhance the efficiency and effectiveness of risk assessment processes.
- Regularly assess the methodology and tools used for risk assessment, identifying areas for improvement to ensure continuous alignment with industry best practices. Implement improvements in risk assessment workflows, ensuring they remain adaptive to emerging cybersecurity threats for all technology domains. Proactively monitor and analyze the latest cybersecurity threats, vulnerabilities, and attack vectors.
- Stay current with industry best practices, emerging technologies, and evolving regulatory requirements to ensure our cybersecurity measures remain at the forefront of the field.
- Engage in continuous learning through participation in industry conferences, workshops, and professional development opportunities to expand your knowledge base.
- Collaborate with IT project management and operational teams to conduct thorough security analyses encompassing a diverse range of technologies.
This includes, but is not limited to, cloud solutions, network security, connected devices, software applications, custom development projects, and technology acquisitions.

PREFERRED SKILLS:
- In addition to the foundational skills mentioned earlier, an experienced candidate should also possess:

- Demonstrated experience in leading cybersecurity initiatives and driving risk-based decision-making across diverse technology domains.
- Proven ability to assess and communicate complex cybersecurity concepts to stakeholders at all levels of the organization.
- Extensive knowledge of security controls, frameworks, and industry standards, with a focus on continuous improvement.

Desired Skills:

- Bachelor's degree in information technology or Computer Science.
- Industry-recognized certifications within information security and privacy domains (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
- 5+ years of experience in an IT computer-related field.
- 3+ years of experience with Cybersecurity efforts and emerging technology aligned with the Risk

Why you should work for us:

- Loan Forgiveness: As a prospective employee of the City of New York, you may be eligible for federal/state loan forgiveness and repayment assistance programs that lessen your payments or even fully forgive your full balance. For more information, please visit the U.S. Department of Education’s website (https://studentaid.gov/pslf/)
- Benefits: City employees are entitled to unmatched benefits such as:
o a premium-free health insurance plan that saves employees over $10K annually, per a 2024 assessment.
o additional health, fitness, and financial benefits may be available based on the position’s associated union/benefit fund.
o a public sector defined benefit pension plan with steady monthly payments in retirement.
o a tax-deferred savings program and
o a robust Worksite Wellness Program that offers resources and opportunities to keep you healthy while serving New Yorkers.
- Work From Home Policy: Depending on your position, you may be able to work up to two days during the week from home.
- Job Security - you could enjoy more job security compared to private sector employment and be able to contribute to making NYC a healthy place to live and work.

Established in 1805, the New York City Department of Health and Mental Hygiene (NYC Health Department) is the oldest and largest health department in the U.S., dedicated to protecting and improving the health of NYC. Our mission is to safeguard the health of every resident and cultivate a city where everyone, regardless of age, background, or location, can achieve their optimal health. We provide a wide array of programs and services focused on food and nutrition, anti-tobacco support, chronic disease prevention, HIV/AIDS treatment, family and child health, environmental health, mental health, and social justice initiatives. As the primary population health strategist and policy authority for NYC, with a rich history of public health initiatives and scientific advancements, from addressing the 1822 yellow fever outbreak to the COVID-19 pandemic, we serve as a global leader in public health innovation and expertise.

Come join us and help to continue our efforts in making a difference in the lives of all New Yorkers!

The NYC Health Department is an inclusive equal opportunity employer committed to providing access and reasonable accommodation to all individuals. To request reasonable accommodation to participate in the job application or interview process, contact Sye-Eun Ahn, Director of the Office of Equal Employment Opportunity, at sahn1@health.nyc.gov or 347-396-6549.

Qualifications

1. A master's degree in computer science from an accredited college or university and three (3) years of progressively more responsible, full-time, satisfactory experience in Information Technology (IT) including applications development, systems development, data communications and networking, database administration, data processing, or user services. At least eighteen (18) months of this experience must have been in an administrative, managerial or executive capacity in the areas of applications development, systems development, data communications and networking, database administration, data processing or in the supervision of staff performing these duties; or

2. A baccalaureate degree from an accredited college or university and four (4) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or

3. A four-year high school diploma or its educational equivalent, and six (6) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or

4. A satisfactory combination of education and experience equivalent to "1", "2" or "3" above. However, all candidates must have at least a four-year high school diploma or its educational equivalent and must possess at least three (3) years of experience as described in "1" above, including the eighteen (18) months of administrative, managerial, executive or supervisory experience as described in "1" above.

In the absence of a baccalaureate degree, undergraduate credits may be substituted for a maximum of two (2) years of the required experience in IT on the basis of 30 semester credits for six (6) months of the required experience. Graduate credits in computer science may be substituted for a maximum of one (1) year of the required experience in IT on the basis of 30 graduate semester credits in computer science for one (1) year of the required IT experience. However, undergraduate and/or graduate credits may not be substituted for the eighteen (18) months of experience in an administrative, managerial, executive, or supervisory capacity as described in "1" above.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.