Jump to main content.

The Official Careers Website of the City of New York

Search

Senior Manager, Cyber Security Engineering

  1. NYC HOUSING AUTHORITY
Posted on: 09/19/2024
  1. Full-time

Location

NYC-ALL BOROS

  1. No exam required

Department

Cyber Security & IT Risk MGMT

$75,000.00 – $150,000.00

Job Description

The New York City Housing Authority (NYCHA), the largest public housing authority in North America, provides decent, affordable housing for low- and moderate-income New Yorkers. NYCHA is home to 1 in 17 New Yorkers, providing affordable housing to over 500,000 authorized residents through public housing and Permanent Affordability Commitment Together (PACT) programs as well as Section 8 housing. NYCHA has nearly 200,000 apartments in over 2,400 buildings across 335 conventional public housing and PACT developments. In addition, NYCHA connects residents to critical programs and services from external and internal partners, with a focus on economic opportunity, youth, seniors, and social services. With a housing stock that spans all five boroughs, NYCHA is a city within a city.

NYCHA is seeking an experienced manager to lead a Cyber Security Engineering team. The ideal candidate for this position is a self-starter with strong technical acumen and a proven ability to lead and mentor a team in a dynamic and fast-paced environment; calm under pressure, able to manage and prioritize multiple tasks, especially during high-stress situations such as security incidents. This individual is an excellent communicator, capable of translating complex technical concepts into clear and actionable plans for both technical and non-technical stakeholders. Candidate demonstrates strong problem-solving skills, a proactive approach to identifying and mitigating risks, and an unwavering commitment to maintaining a secure and resilient environment. The ideal candidate also fosters a collaborative team culture, encourages continuous learning, and remains adaptable in the face of evolving threats and technologies. Selected candidate will lead a team of two (and growing) cybersecurity professionals and report directly to the Chief Information Security Officer. Seasoned cybersecurity professionals with a passion for safeguarding critical infrastructure and a commitment to public service are encouraged to apply and become a part of NYCHA’s mission.

Roles and Responsibilities

- Team Development: Mentor, guide, and develop team members by providing regular feedback, fostering their growth, and helping them build their skills and career paths.
- Task Delegation: Assign tasks and projects to team members based on their skills and experience, ensuring workload is balanced and deadlines are met.
- Performance Management: Monitor and evaluate team performance. Set individual and team goals.
- Recruitment: Participate in the hiring process to build and expand the team as needed.
- Security Roadmap: Develop and maintain a security engineering roadmap that aligns with the overall security strategy and business objectives.
- Process Development: Define and implement security procedures and standards to protect the environment.
- Risk Assessment: Conduct regular security risk assessments, identify potential vulnerabilities, and develop plans to mitigate those risks.
- Security Architecture: Provide input on the design, implementation, and maintenance of the security architecture, ensuring it meets the organization’s needs and industry standards.
- Solution Design and Implementation: Lead the planning, design, and implementation of innovative cybersecurity solutions.
- Tooling and Automation: Oversee the evaluation, selection, and implementation of security tools and technologies, as well as the automation of security processes.
- Creative Problem Solving: Employ innovative thinking to approach complex security challenges and encourage the team to explore alternative strategies and embrace new perspectives to overcome obstacles and achieve objectives.
- Vulnerability Management: Oversee vulnerability scanning and patch management efforts to ensure that systems remain secure and up to date.
- Collaboration with IT: Work closely with IT infrastructure teams to ensure that security is integrated into all phases of the software development lifecycle and infrastructure management.
- Compliance and Audit Support: Ensure that security practices align with regulatory and compliance requirements and support internal and external audits.
- Innovation: Stay current with the latest security trends, threats, and technologies, and continuously seek ways to improve the security posture.
- Metrics and Reporting: Establish and track objectives and key results (OKRs) and metrics to measure the effectiveness of security initiatives.
- Budget Planning: Manage the budget for the security engineering team, making sure resources are allocated efficiently to meet team and organizational goals.
- Policy Enforcement: Ensure that security policies and procedures are consistently enforced across the environment.
- Compliance Monitoring: Regularly review and update security practices to ensure compliance with industry regulations, standards, and internal policies.
- Post-Incident Analysis: Participate in post-incident reviews to identify lessons learned and implement changes to prevent future occurrences.

Additional Information

1. NYCHA employees applying for transfer, promotional, title or level change opportunities must have served a period of one year at current location and in current title and level (if applicable).
2. NYCHA residents are encouraged to apply.

Please read this posting carefully to make certain you meet the minimum qualification requirements before applying to this position.


Minimum Qualifications

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to "1" above.


Preferred Skills

- Endpoint Detection and Response (EDR): Proficiency in deploying, managing, and optimizing CrowdStrike Falcon or similar EDR solutions to monitor and protect endpoints against advanced threats. - Vulnerability Assessment and Management: Extensive experience with Rapid7 or comparable tools for conducting vulnerability scans, analyzing results, and driving remediation efforts across diverse IT environments. - Firewall Management: Strong expertise in configuring and managing Palo Alto firewalls, including setting up advanced security policies, monitoring network traffic, and troubleshooting issues to safeguard the perimeter. - Security Information and Event Management (SIEM): In-depth knowledge of Splunk or equivalent SIEM platforms for real-time security monitoring, log analysis, and threat detection, with the ability to design and implement effective alerting and reporting strategies. - Data Loss Prevention (DLP): Familiarity with Microsoft Purview or other DLP tools to enforce data protection policies, monitor sensitive information flows, and ensure compliance with regulatory requirements. - Cloud Security and Networking: Hands-on experience securing and managing cloud networks in Azure and Oracle Cloud Infrastructure (OCI), including identity and access management (IAM), network security groups (NSGs), and virtual private cloud (VPC) configurations. - Automation and Scripting: Ability to leverage scripting languages (such as PowerShell, Python, or Bash) to automate security tasks, enhance operational efficiency, and streamline incident response. - Regulatory Compliance: Understanding of industry standards (e.g., NIST, ISO 27001, GDPR) and experience ensuring that security practices align with legal and regulatory requirements across cloud and on-premises environments. - 4 years of satisfactory of satisfactory full-time experience related to projects and policies. - Able to be in the office two days per week and part of a hybrid work environment.
Public Service Loan Forgiveness

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.
Residency Requirement

NYCHA has no residency requirements.
Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

Job ID

679114

Title code

95622

Civil service title

IT SECURITY SPECIALIST

Title classification

Non-Competitive-5

Business title

Senior Manager, Cyber Security Engineering

  1. Experienced (non-manager)

Job level

00

Number of positions

1

Work location

C&RM-Security Engineering

  1. Technology, Data & Innovation

Senior Manager, Cyber Security Engineering

Search