Logo
City of New York

Information Security Specialist

City of New York, Corona, New York, United States, 11368


Company Description

Job Description

The New York City Department of Environmental Protection (DEP) protects public health and the environment by supplying clean drinking water, collecting, and treating wastewater, and reducing air, noise, and hazardous materials pollution. DEP is the largest combined municipal water and wastewater utility in the country, with nearly 6,000 employees. We deliver 1.1 billion gallons of high-quality drinking water per day to 8.5 million New York City residents and more than 1 million people in Upstate New York, and we collect and treat an average of 1.3 billion gallons of wastewater per day.

The New York City Department of Environmental Protection's (DEP) Business Information Technology (BIT) is responsible for providing quality business, technical and IT system support to our users. This commitment is realized through collaboration, strong relationships, and a unified vision with our partners at DEP to provide quality technological solutions to our business needs. Providing these services allows us to ensure that DEP continues its tradition of delivering excellent service to the residents of New York City.

Establishing, installing, and monitoring internal and external intrusion deterrent tools and programs will enable the agency to detect security risks, threats, and vulnerabilities of networks, systems, applications early to prevent infrastructure invasion catastrophes.

The IT Security Specialist role is a key responsibility needed in the ongoing technical, consultative, and administrative efforts to effectively safeguard the agency's IT infrastructure, networks, and information system data from internal and external intrusion.

The DEP's Bureau of Business Information Technology (BIT) seeks to hire one (1) Information Security Specialist. Under administrative direction of the Bureau's Information Security Officer the IT Security Specialist will be responsible for establishing and administering information security policies and practices, governance and reporting, training and awareness, vulnerability and risk assessment, remediation, business continuity and work closely with teams across the organization to implement a consistent security strategy. The IT Security Specialist will serve as subject matter expert on IT Security, identity, and access infrastructure; provide IT security architectural guidance; design security solutions; conduct IT risk assessments and recommend mitigation solutions, oversees multiple projects, supervises employees.

Under minimal direction of the Information Security Officer, the IT Security Specialist will be responsible for but are not limited to the tasks outlined below:

- Serve as team lead in directing the agency's data, network, and cybersecurity infrastructure. Plan, define, maintain governance and policies, standards, configuration, operating procedures and guidelines regarding security, identity, and access. Plan, initiate and implement new security infrastructure architecture changes.

- Review and administer security controls related to detection, analysis, containment, eradication, and recovery from cybersecurity incidents. Identifies probable system exposure, compromise, problems or design flaws and issues to upper management to limit serious performance impact.

- Work closely with business managers and the Agency Chief Contracting Officer (ACCO) in evaluating and procuring proposed IT projects for alignment with DEP's goals and key business strategies and adherence to established industry standards. Assist with the development and review of technical specifications for the procurement of IT security systems and services.

- Performs eDiscovery and digital forensics and conduct network security policy orchestration. Define, manage, and monitor security devices, including procedures for detecting, reporting and responding to computer security incidents.

- Perform security assessment of applications and infrastructure. Develop and manage security strategy, security awareness programs, security architecture, and security incident response.

- Roll out Security Information Event Management (SIEM) and log Management strategies for audit and compliance.

Qualifications

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to "1" above.

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.