The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law preserve, preserve peace, protect the people, reduce fear and maintain order. The NYPD strives to foster a safe and fair city by incorporating Neighborhood Policing into all facets of Department operations, and solve the problems that create crime and disorder through an interdependent relationship between the people and its police, and by pioneering strategic innovation.

The Information Technology Bureau, Strategic Technology Division is responsible for developing and coordinating deployment of emerging technology applications, strategic IT infrastructure, and enterprise platforms.

An advanced skillset position, the Senior IT Architect reports to the security manager and frequently interacts with the chief information security officer, as well as audit and compliance. The Senior IT Architect is responsible for designing security solutions that protect the business, but also allow the business to execute and innovate. The Senior IT Architect works closely with many diverse and dynamic teams, including, but not limited to, security engineering, IT infrastructure, application development, security operations, security audit and end users. This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors.

The Senior IT Architect provides expert guidance for addressing current security issues, but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. A senior-level role, the architect possesses strong communication and organizational skills, and the ability to guide less experienced coworkers. The architect provides technical leadership to delivery and solution design team members.

Job Duties:

Remain current with new security threats and assess systems to ensure they can defend the business; Constantly research capabilities of current and new disruptive solutions on the market and make recommendations to security leadership; Research, validate and deploy solutions meeting security and business needs; Formally develop security team standards, policies, procedures and processes; Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention); Possess a DevOps focus across technology and security architecture, automation, integration and distribution; Drive security efficiencies, enabling security team members to work on more advanced tasks; Partner, coach and functionally lead IT, engineering, development and business teams; Perform engineering performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted; Perform other duties as assigned.

1. A baccalaureate degree from an accredited college in computer science, information systems, engineering, mathematics or related field and six years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or

2. A baccalaureate degree from an accredited college and ten years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or

3. Education and/or experience which is equivalent to "1" or "2" above.

At least 5 to 8+ years’ experience in cybersecurity, including compliance and risk management with a background in system and network security engineering. A proven deep background (preferred 5+ years in addition to cybersecurity) in technology design, implementation and delivery. Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls. Excellence in communicating business risk from cybersecurity issues. Experience driving measurable improvement in monitoring and response capabilities at scale. Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively Preferred Certifications/Skills: Experience managing ticket escalations, and incident response coordination across engineering, security and management teams Experience with common cyber security tools such as: IDS/IPS, SIEM, EDR, NGFW, CASB, Email Security, etc. Familiarity with the Cybersecurity Framework (CSF), CJIS Controls and MITRE ATT&CK threat intelligence framework Advance Degree in Cybersecurity or DIgital Forensics Cybersecurity Certifications (any of): Certified Information Security Manager (CISM) GIAC Security Expert (GSE) CompTIA Advanced Security Practitioner (CASP) Certified Information Systems Security Professional (CISSP) or ISC2 Associate Certified Cloud Security Professional (CCSP) Certified Forensic Computer Examiner (CFCE) Certified Information Systems Auditor GIAC Certified Forensics Examiner (GCFE) GIAC Certified Incident Handler (GCIH) Microsoft 365 Certified Enterprise Administrator Expert Systems Security Certified Practitioner (SSCP).

New York City Residency is not required for this position

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.