SENIOR INFORMATION SECURITY ARCHITECT
- HRA/DEPT OF SOCIAL SERVICES
- Full-time
Location
BROOKLYN
- No exam required
Department
Mgmt Information System-NM
Job Description
The Department of Social Services (DSS) is comprised of the administrative units of the New York City Human Resources Administration (HRA) and the Department of Homeless Services (DHS). HRA is dedicated to fighting poverty and income inequality by providing New Yorkers in need with essential benefits such as Food Assistance and Emergency Rental Assistance. DHS is committed to preventing and addressing homelessness in New York City by employing a variety of innovative strategies to help families and individuals successfully exit shelter and return to self-sufficiency as quickly as possible.
Information Technology Services (ITS) is DSS’s technology services organization. ITS mission is to support the daily, emergent, and long-term needs of both agencies. ITS creates and enhances the technology infrastructure and computer applications that support HRA and DHS and develops applications, including a variety of client eligibility and recertification systems, case management systems, housing systems, employment/work engagement services, revenue producing computer matches, claiming systems, and personnel systems.
Information Technology Services (ITS) is recruiting for one (1) Senior IT Architect, to function as a Senior Information Security Architect, who will:
- Develop and maintain IT architecture diagrams of the security architecture for IT solutions, applying the
latest security concepts and strategies to meet the security requirements of the Agency and City.
- Define and maintain the security risk management and mitigation methodology, principles, roadmap,
standards and guidelines for the IT architecture team, for security resilience implementation, reuse,
interoperability and integration.
- Confirm the conformance of applications, components, and services to established City and Agency
cybersecurity standards. Ensure. compliance with architecture security standards and guidelines
throughout the application development lifecycle.
- Assist with major internally developed projects, to ensure security is properly considered, and in the
selection of new software products, to assess and analyze their compliance with security mandates
and best practices. This includes ensuring that continued security monitoring is implemented and
performed after the deployment of internally developed or procured software products, documenting
software security accreditation and training personnel on the latest cybersecurity best practices.
- Identify probable system security problems or security design flaws, by analyzing architecture designs
and performing security vulnerability testing, and escalates issues to the CIO before serious security
breaches occur.
Hours/Shift:
Normal Business Hours
1. A baccalaureate degree from an accredited college in computer science, information systems, engineering, mathematics or related field and six years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or
2. A baccalaureate degree from an accredited college and ten years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or
3. Education and/or experience which is equivalent to "1" or "2" above.
- Experience in the field of information security with a demonstrated path of increasing scope and management responsibilities. - Excellent interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout the organization. - Relevant security certification – CISSP, CISM, GCP. - Cloud security certifications (AWS, Azure, Google). - Expertise in security frameworks such as ISO 27000, NIST 800-53, NIST Cybersecurity Framework. - Experience implementing security solutions and processes – Identity and Access Management, Multi-Factor Authentication, Web Application Firewall, EndPoint solutions, Web Application Assessment securing cloud computing architecture including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) developing Zero Trust Architecture including Secure Access Service Edge (SASE) design principles. - Experience with modern development processes and architecture including containerized delivery models. - Experience in government desired.
New York City Residency is not required for this position
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Job ID
637029
Title code
95711
Civil service title
SENIOR IT ARCHITECT
Title classification
Non-Competitive-5
Business title
SENIOR INFORMATION SECURITY ARCHITECT
- Experienced (non-manager)
Job level
00
Number of positions
1
Work location
15 Metrotech
- Technology, Data & Innovation