Cybersecurity Senior Data Analyst

About The Position

Requirements

• A baccalaureate degree, from an accredited college including or supplemented by twenty-four (24) semester credits in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or
• A four-year high school diploma or its equivalent approved by a State’s department of education or a recognized accrediting organization and three years of satisfactory experience in any of the areas described in “1” above; or
• Education and/or experience equivalent to “1” or “2”, above. College education may be substituted for up to two years of the required experience in “2” above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. In addition, twenty-four (24) credits from an accredited college or graduate school in cyber security, network security, computer science, computer programming, computer engineering, information technology, information science, information systems management, network administration, or a pertinent scientific, technical or related area; or a certificate of at least 625 hours in computer programming from an accredited technical school (post high school), may be substituted for one year of experience.

Responsibilities

• Plan and execute advisory, assessment and audit projects using information technology (IT) Governance, Risk and Compliance (GRC) best practices, methodologies and tools.
• Conduct research and analysis of the agency’ systems, IT hardware and network infrastructure, programs, IT contracts and procurement, IT professional services, and compliance with the City’s and Agency’s policies and procedures and in comparison, to federal and industry recommended standards, frameworks and controls.
• Assist in the development of cybersecurity audit plans, test plans, system analyses and IT system controls.
• Document and present IT advisory, assessment and audit reports – including test results – to all levels of management.
• Perform cybersecurity IT audits, security risk assessments, IT system integrity testing, IT controls reviews and integrated audits with fiscal auditors.
• Research, analyze and evaluate risks and controls relevant to cybersecurity and provide risk assessment and risk mitigation recommendations.
• Document project lessons learned and help identify risk management and performance improvement opportunities.
• Support Audit Management in conducting internal reviews of the Department’s general IT system controls (e.g., access control, audit and accountability, configuration management, contingency planning, incident response and disaster recovery, physical and environmental protection, data center operations, supply chain risk management, etc.), and recommend controls to mitigate risks.
• Support the assessment of Department’s compliance with federal requirements such as HIPAA Security and Privacy rules.
• Maintain ongoing and open communication with the Department’s programs – including the Division of Information Technology Office of Cybersecurity on general and application control issues and implementation of corrective actions.
• Prepare and maintain complete work paper documentation, memos, and letters.
• Act as the agency’s representative during external audits/ reviews, and as a liaison between the Comptroller’s Office, third party auditors/reviews and the division/bureau being audited
• Seek self-improvement through education, certification, training, and staying abreast of current and emerging technologies; and;
• Research and stay up-to-date on IT risk management and relevant audit concepts and methods.

Benefits

• City employees are entitled to unmatched benefits such as:
• a premium-free health insurance plan that saves employees over $10K annually, per a 2024 assessment.
• additional health, fitness, and financial benefits may be available based on the position’s associated union/benefit fund.
• a public sector defined benefit pension plan with steady monthly payments in retirement.
• a tax-deferred savings program and
• a robust Worksite Wellness Program that offers resources and opportunities to keep you healthy while serving New Yorkers.
• Depending on your position, you may be able to work up to two days during the week from home.
• Job Security - you could enjoy more job security compared to private sector employment and be able to contribute to making NYC a healthy place to live and work.