Deputy CISO

City of New York•New York City, NY

22h

About The Position

The Administration for Children’s Services (ACS) protects and promotes the safety and well-being of children and families through child welfare and juvenile justice services and community supports. The Office of Information Technology (OIT) department provides high quality, reliable, sustainable technology services and support. The Chief Information Security Officer (CISO) unit is responsible for establishing and maintaining the information security program at ACS, ensuring information assets and technologies are adequately protected. This unit directs staff in identifying, developing, implementing, and maintaining processes to reduce information and IT risks, responds to incidents, establishes standards and controls, manages security technologies, and directs policy implementation. OIT is seeking a highly qualified Deputy Chief Information Security Officer (DCISO) to support and strengthen the agency’s cybersecurity program. Reporting to the Chief Information Security Officer (CISO), the Deputy CISO will assist in the development, implementation, and oversight of the agency’s cybersecurity program in alignment with NYC Cyber Command, the Office of Technology and Innovation (OTI), and citywide cybersecurity policies and standards. This role requires an experienced cybersecurity professional and is not intended for entry-level candidates.

Requirements

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,
Education and/or experience which is equivalent to "1" above.
Experienced cybersecurity professional (not intended for entry-level candidates).

Responsibilities

Partner with the CISO to implement and advance ACS’s cybersecurity program, aligned with NYC Cyber Command directives, OTI policies and agency priorities.
Support key initiatives including Zero Trust, vulnerability management, identity security, and enterprise risk management.
Build, mentor, and manage a high-performing cybersecurity team.
Oversee day-to-day activities, set priorities, and ensure effective execution of security initiatives while fostering collaboration, accountability, and professional development.
Maintain and enhance security policies, standards and controls aligned with NIST, CIS, ISO, and citywide requirements.
Support risk management, audits, POA&Ms and compliance activities across ACS systems.
Partner with IT, business, and development teams to implement application security and Secure SDLC (DevSecOps) practices in Azure environments, ensuring alignment with NYC Cyber Command and OTI policies.
Support and actively contribute to operational functions (incident response, vulnerability management, security engineering, and monitoring).
Coordinate with NYC Cyber Command and internal teams to ensure effective response and remediation.
Support and advance ACS initiatives in cloud security (Azure/AWS), Zero Trust architecture, and AI governance, ensuring appropriate controls, monitoring, and protection of sensitive data.
Work closely with IT teams to ensure secure design, implementation, and operation of systems including cloud and application environments.
Provide technical guidance on configurations, integrations and remediation.
Support agency-wide awareness programs and continuously improve security posture by addressing emerging threats, including cloud and AI-related risks.
Support reporting of KPIs, KRIs, and security posture to leadership, and maintain coordination with NYC Cyber Command, OTI, and internal stakeholders.