ASSISTANT DEPUTY COMMISSIONER DATA SECURITY OPERATIONS

APPLICANTS MUST BE PERMANENT IN THE COMPUTER SYSTEMS MANAGER CIVIL SERVICE TITLE.

The Department of Social Services Accountability Office (DSSAO) is responsible for supporting the integrity of social services programs administered by the New York City Human Resources Administration (HRA) Department of Social Services (DSS) and Department of Homeless Services (DHS).

DSSAO maintains the operation of the Office of Audit Services (OAS) and Office of Quality Assurance (OQA) Office of Accountability Strategies (OAS) Compliance and Contract Monitoring (CCM) Investigation Revenue and Enforcement Administration (IREA) Office of Data Security Management (ODSM) and the Accountability Initiative and Change Monitoring (AICM).

The Office of Data Security Management (ODSM) is responsible for implementing the Agencys cybersecurity program. ODSM is tasked with continuously improving the Agencys risk posture by ensuring that appropriate security controls are in place to protect the confidentiality integrity and availability of Agency information resources.

The Office of Data Security Management is recruiting for (1) Computer Systems Manager M IV to function as an Assistant Deputy Commissioner Data Security Operations who will:

Develop and implement best practices to support efficiencies and effective daily operations in an ongoing effort to meet the Agencys cybersecurity needs. Oversee the daytoday operations for the Security Operations Center and Emergency Operations and Incident Management units. Collaborate to ensure appropriate crossutilization of the various units across ODSM.

Implement the strategic goals determined by the Chief Information Security Officer (CISO) including: the strategic enterprise cybersecurity and risk management plan and a longterm roadmap to arrive at the desired future state. Ensure implementation of security controls requirements policies and standards as outlined in the strategic plan.

Monitor implementation priorities and specific initiatives necessary to achieve the future state. Ensure the CISO is updated periodically communicate changes in priorities to the relevant stakeholders monitor workstreams that support and implement agreed upon strategic goals. Develop and recommend corrective action plans where needed.

Through the direction of the CISO the ADC implements the appropriate data security management framework for the Agency. Implement established controls into daily operations to monitor compliance. Recommend IT solutions to the CISO to minimize the risk of cyberattacks and insider vulnerabilities. Support/assist the CISO in the development of operationslevel policies and proactively identify/remediate potential weaknesses. Conduct vulnerability scans monitor and analyze network logs and flows aggressively monitor the Identity and Access Management (IAM) program and data and usage discovery for investigations of employees. Present findings to the CISO the Chief Accountability Officer the DSS First Deputy Commissioner and the Commissioner.

Oversee the daytoday operations related to Security Operations Center which monitors the Agencys network perimeter endpoints and applications. Oversee the investigation of reported security breaches. Develop strategies to effectively and appropriately handle security incidents and trigger investigations. Coordinate major incident response among internal and external stakeholders oversee postmortem analyses and ensures findings are communicated and addressed appropriately.

At the direction of the CISO implement an Agencywide information security awareness program. Facilitate the implementation of methods to educate Agency personnel such as behavioral and learning tests and nudge theory.

Review and analyze reports outcome and use findings to report on the effectiveness of current program and the state of personnel preparedness. Makes recommendations to the CISO and implements corrective action plans as necessary. Ensures that the program meets all relevant city state and federal mandates and that it leverages best industry practices. Periodically reports findings monthly to agency executives including the Commissioner.



Hours/Shift: Monday to Friday: 9 am 5pm

Location:

Qualifications :

1. A masters degree in computer science from an accredited college or university and three (3) years of progressively more responsible fulltime satisfactory experience in Information Technology (IT) including applications development systems development data communications and networking database administration data processing or user services. At least eighteen (18) months of this experience must have been in an administrative managerial or executive capacity in the areas of applications development systems development data communications and networking database administration data processing or in the supervision of staff performing these duties; or

2. A baccalaureate degree from an accredited college or university and four (4) years of progressively more responsible fulltime satisfactory experience as described in 1 above; or

3. A fouryear high school diploma or its educational equivalent and six (6) years of progressively more responsible fulltime satisfactory experience as described in 1 above; or

4. A satisfactory combination of education and experience equivalent to 1 2 or 3 above. However all candidates must have at least a fouryear high school diploma or its educational equivalent and must possess at least three (3) years of experience as described in 1 above including the eighteen (18) months of administrative managerial executive or supervisory experience as described in 1 above.

In the absence of a baccalaureate degree undergraduate credits may be substituted for a maximum of two (2) years of the required experience in IT on the basis of 30 semester credits for six (6) months of the required experience. Graduate credits in computer science may be substituted for a maximum of one (1) year of the required experience in IT on the basis of 30 graduate semester credits in computer science for one (1) year of the required IT experience. However undergraduate and/or graduate credits may not be substituted for the eighteen (18) months of experience in an administrative managerial executive or supervisory capacity as described in 1 above.

Additional Information :

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic including but not limited to an individuals sex race color ethnicity national origin age religion disability sexual orientation veteran status gender identity or pregnancy.

Remote Work :

No

Employment Type :

Fulltime