THE SILVER STARS PROGRAM OFFERS RETIRED CITY EMPLOYEES THE OPPORTUNITY TO WORK PART-TIME ON PROJECT BASED ASSIGNMENTS AT A CITY AGENCY.

THIS POSITION IS ONLY AVAILABLE TO CANDIDATES WHO HAVE RETIRED FROM CITY SERVICE. THIS POSITION IS PART-TIME, UP TO 21 HOURS A WEEK, NOT TO EXCEED 12 MONTHS THROUGH SECTION 212 OF THE NEW YORK STATE'S RETIREMENT AND SOCIAL SECURITY LAW (RSSL). A RETIRED CITY EMPLOYEE CAN EARN UP TO $35,000 ON A CALENDAR BASIS (JANUARY THROUGH DECEMBER) AND CONTINUE TO RECEIVE FULL PENSION BENEFITS, HEALTH CARE INSURANCE, AND POSSIBLY SOCIAL SECURITY BENEFITS. SOME EXCEPTIONS MAY APPLY.

The New York City Department of Investigation (“DOI”) is one of the oldest law enforcement agencies in the country with a mission of combating municipal corruption. It serves the people of New York City by acting as an independent and nonpartisan watchdog for New York City government, City agencies, and City employees, vendors with City contracts, individuals and entities that receive City funds.

The Information Technology Unit of the NYC Department of Investigation is currently seeking a highly skilled and motivated Cyber and Information Security Engineer to join our team and play a pivotal role in safeguarding our organization against cyber threats and attacks.. If you're passionate about defending against cyber threats and want to be part of a dynamic and innovative organization, we want to hear from you.

Key Responsibilities:
As a Cyber and Information Security Engineer at DOI, your duties include but are not limited to:

- Design and implement cutting-edge security measures to protect our computer systems, networks, and data.
- Develop and enforce security policies, procedures, and best practices to maintain the confidentiality, integrity, and availability of our digital assets.
- Conduct risk assessments and vulnerability assessments to identify and address potential security weaknesses.
- Lead incident response efforts, investigating security breaches and implementing measures to mitigate future incidents.
- Provide comprehensive security training and awareness programs to educate our employees and users.
- Ensure compliance with security regulations and standards relevant to our industry.
- Configure and manage network security controls to defend against unauthorized access and network-based threats.
- Manage user accounts and access permissions through effective Identity and Access Management (IAM).
- Stay current with cybersecurity trends and technologies, evaluating and implementing new security tools and solutions.
- Collaborate closely with cross-functional teams to integrate security measures into all aspects of our operations and projects.
- Conduct digital forensics investigations to gather evidence and understand security incidents.

1. A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or

2. A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or

3. Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

- Advanced Technical Expertise: Proficiency in computer systems, networks, operating systems, and a deep understanding of cybersecurity tools and technologies. - Security Architecture: Capability to design and implement security architectures aligned with business goals and industry best practices, including network segmentation and defense-in-depth strategies. - Cyber Threat Management: Knowledge of emerging threats and the ability to adapt security measures accordingly, including the analysis of threat intelligence feeds. - Incident Response Leadership: Proficiency in leading and coordinating incident response efforts effectively, including incident planning and execution. - Risk Assessment and Management: Expertise in assessing, prioritizing, and managing security risks using risk assessment methodologies. - Secure Coding Knowledge: Understanding of secure coding principles and collaboration with developers to ensure application security. - Encryption and Data Protection: Proficiency in encryption techniques for data at rest and in transit, along with knowledge of data loss prevention (DLP) strategies. - Cloud Security: Familiarity with cloud security best practices and the ability to secure cloud environments (e.g., AWS, Azure, Google Cloud). - Compliance and Regulations: Knowledge of security standards, compliance frameworks (e.g., NIST, ISO 27001), and relevant regulations (e.g., GDPR, HIPAA). - Effective Communication and Leadership: Excellent communication and leadership skills for collaborating with cross-functional teams, providing security guidance, and maintaining documentation. Additional Skills - Security+, CySA+ , CCSP, SSCP, CCNA Certifications are a plus. - Expertise in working on Linux Server, Windows Server and Windows 10/11 OS including command-line functions and occasional registry editing. - Experience with MS Office 2019 and Office 365. Experience with Remote Desktop. - Hands-on experience with removing viruses and spyware using various tools valued. - Experience with Web-based applications support is strongly preferred. - Note: Additional information concerning filing for and taking civil service examinations can be found on the Department of Citywide Administrative Services website at www.nyc.gov/html/dcas

This position is also open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.