Deputy CISO Governance, Risk & Compliance
City of New York - New York City, NY
Apply NowJob Description
Job Description The Office of Technology and Innovation (OTI) oversees all Citywide technology, privacy, cybersecurity, infrastructure, and telecommunications to ensure the security of, and enhance, City operations and service delivery to New York City's residents, businesses, employees, and visitors. As the City's technology and innovation leader, OTI is responsible for operating, maintaining, and securing IT infrastructure and systems that touch every aspect of City life from public safety to human services, from education to economic development crossing the full spectrum of governmental operations. Reporting to the Citywide Chief Information Security Officer (CISO), the Deputy CISO for Governance, Risk & Compliance (GRC) provides leadership, executive support, strategic and tactical guidance, and complete execution for the GRC program for Cyber Command. The Deputy CISO will lead an adaptable and secure business-supporting cybersecurity team of audit, compliance, risk and policy analysts. The Deputy CISO will be responsible for identifying, evaluating and reporting on information security risks, in addition to influencing and implementing tools and practices to enhance processes related to third-party risk management, agency compliance, and audit engagement. The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems considered business critical. The Deputy CISO for Governance, Risk & Compliance will: Oversee the implementation and maintenance of policies, as well as a comprehensive controls framework to ensure technical systems and information assets are protected; Direct and conduct ongoing risk analysis organization-wide to uphold the GRC program; Lead a team dedicated to an ongoing security maturation program, where areas of strength are amplified and areas needing improvement are documented; Partner with business units when onboarding solutions to ensure adequate controls are available and enabled in production; Oversee audit and compliance mechanisms to measure and enforce alignment with citywide cybersecurity requirements; Oversee governance and tracking of remediation requirements from agency assessments; Oversee findings brought forward through the risk mitigation and acceptance program and report to security leadership where gaps exist; Engage in continuous professional development with team management, honing direction as well as strategic plans; Maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy and security industry best practice guidance; Manage special projects and initiatives as assigned. Qualifications A baccalaureate degree from an accredited college including or supplemented by 24 credits in the field of voice and/or data telecommunications or in a pertinent scientific, technical, electronic or related area, and four years of satisfactory fulltime experience in the performance of analytical, planning, operational, technical, or administrative duties in a voice and/or data telecommunications or closely related electronics planning, management, and/or service organization, one year of which must have been in a highly specialized capacity and 18 months must have been in an executive, managerial, or administrative capacity or in the supervision of staff performing work in the voice and/or data telecommunications field; or An associate degree from an accredited college including or supplemented by 12 credits in the field of voice and/or data telecommunications or in a pertinent, scientific, technical, electronic or related area and five years of experience as described in '1' above; or Education and/or experience equivalent to '1' above. However, all candidates must have at least a four-year high school diploma or its educational equivalent and one year of the specialized experience as described in '1' above and must possess the 18 months of executive, managerial, administrative or supervisory experience as described in '1' above. Additional Information The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
Created: 2024-11-02