Job Location : New York,NY, USA
Job Description
Division/Job Summary:
The Division of Information Technology's mission and vision is to promote and protect the health of all New Yorkers through the use of innovative technology and health information that is useful and available. The nation's leading local health department seeks a Senior IT Portfolio Manager join its award-winning, innovative technology team in revolutionizing public health IT.
DIT has an opening for a Cyber Risk Analyst serving DOHMH Division of Information Technology Office of Cybersecurity. This individual will perform tasks and assignments in the fields of Cybersecurity risk assessments, and other relevant and required duties for the Cybersecurity Risk team, to further the mission of the Office of Cybersecurity (Information Security).
DUTIES WILL INCLUDE BUT NOT BE LIMITED TO:
Risk Identification and Resolution: Collaborate with cross-functional teams to identify and assess cybersecurity risks associated with digital operations, applications, cloud solutions, firewalls, IoT devices, software, custom development, and technology acquisitions. Fulfill risk assessment tickets in a timely manner, ensuring accurate documentation and meeting go-live conditions.
Third-party Risk Management: Stay abreast of the latest security, privacy, and regulatory concerns, ensuring a proactive approach to third-party risk management. Advise the organization on security and privacy provisions within agreements or contracts, responding to changes requested by third parties to ensure compliance and data protection. Develop and implement efficient processes for risk acceptances, balancing business needs with cybersecurity requirements for various technology domains.
Continuous Process Improvement in Risk Assessment: Lead initiatives to enhance the efficiency and effectiveness of risk assessment processes. Regularly assess the methodology and tools used for risk assessment, identifying areas for improvement to ensure continuous alignment with industry best practices. Implement improvements in risk assessment workflows, ensuring they remain adaptive to emerging cybersecurity threats for all technology domains.
Staying Abreast of Cybersecurity Knowledge and Trends: Proactively monitor and analyze the latest cybersecurity threats, vulnerabilities, and attack vectors. Stay current with industry best practices, emerging technologies, and evolving regulatory requirements to ensure our cybersecurity measures remain at the forefront of the field. Engage in continuous learning through participation in industry conferences, workshops, and professional development opportunities to expand your knowledge base.
Technology Assessments: Collaborate with IT project management and operational teams to conduct thorough security analyses encompassing a diverse range of technologies. This includes, but is not limited to, cloud solutions, network security, connected devices, software applications, custom development projects, and technology acquisitions. Implement and maintain security metrics to analyze risks and identify opportunities for reducing vulnerabilities in different technology domains.
Stakeholder Collaboration: Collaborate with internal and external stakeholders to obtain disposition of various technology solutions, updating the organization's inventory list and ensuring a comprehensive understanding of security measures across the enterprise.
Preferred Skills:
In addition to the foundational skills mentioned earlier, an experienced candidate should also possess:
Demonstrated experience in leading cybersecurity initiatives and driving risk-based decision-making across diverse technology domains.
Proven ability to assess and communicate complex cybersecurity concepts to stakeholders at all levels of the organization.
Extensive knowledge of security controls, frameworks, and industry standards, with a focus on continuous improvement.
Preferred Education/Skills:
In addition to the foundational skills mentioned earlier, an experienced candidate should also possess:
Demonstrated experience in leading cybersecurity initiatives and driving risk-based decision-making across diverse technology domains.
Proven ability to assess and communicate complex cybersecurity concepts to stakeholders at all levels of the organization.
Extensive knowledge of security controls, frameworks, and industry standards, with a focus on continuous improvement.
Bachelor's degree in information technology or Computer Science.
Industry-recognized certifications within information security and privacy domains (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
5+ years of experience in an IT computer-related field.
3+ years of experience with Cybersecurity efforts and emerging technology aligned with the Risk
Why you should work for us:
- Loan Forgiveness: As a prospective employee of the City of New York, you may be eligible for federal/state loan forgiveness and repayment assistance programs that lessen your payments or even fully forgive your full balance. For more information, please visit the U.S. Department of Educations website (
- Benefits: City employees are entitled to unmatched benefits such as:
o a premium-free health insurance plan that saves employees over $10K annually, per a 2024 assessment.
o additional health, fitness, and financial benefits may be available based on the positions associated union/benefit fund.
o a public sector defined benefit pension plan with steady monthly payments in retirement.
o a tax-deferred savings program and
o a robust Worksite Wellness Program that offers resources and opportunities to keep you healthy while serving New Yorkers.
- Work From Home Policy: Depending on your position, you may be able to work up to two days during the week from home.
- Job Security - you could enjoy more job security compared to private sector employment and be able to contribute to making NYC a healthy place to live and work.
Established in 1805, the New York City Department of Health and Mental Hygiene (NYC Health Department) is the oldest and largest health department in the U.S., dedicated to protecting and improving the health of NYC. Our mission is to safeguard the health of every resident and cultivate a city where everyone, regardless of age, background, or location, can achieve their optimal health. We provide a wide array of programs and services focused on food and nutrition, anti-tobacco support, chronic disease prevention, HIV/AIDS treatment, family and child health, environmental health, mental health, and social justice initiatives. As the primary population health strategist and policy authority for NYC, with a rich history of public health initiatives and scientific advancements, from addressing the 1822 yellow fever outbreak to the COVID-19 pandemic, we serve as a global leader in public health innovation and expertise.
Come join us and help to continue our efforts in making a difference in the lives of all New Yorkers!
Commitment to Equity:
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
The NYC Health Department is an inclusive equal opportunity employer committed to providing access and reasonable accommodation to all individuals. To request reasonable accommodation to participate in the job application or interview process, contact Sye-Eun Ahn, Director of the Office of Equal Employment Opportunity, at ...@health.nyc.gov or 347-###-####.
Qualifications
A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
Education and/or experience which is equivalent to 1 above.
Additional Information
The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.