Governance, Risk & Compliance Lead

About The Position

Requirements

• APPLICANTS MUST BE PERMANENT IN THE COMPUTER SPECIALIST (SOFTWARE) CIVIL SERVICE TITLE.
• A baccalaureate degree from an accredited college, including or supplemented by twenty-four (24) semester credits in computer science or a related computer field and two (2) years of satisfactory full-time software experience in designing, programming, debugging, maintaining, implementing, and enhancing computer software applications, systems programming, systems analysis and design, data communication software, or database design and programming, including one year in a project leader capacity or as a major contributor on a complex project; or
• A four-year high school diploma or its educational equivalent and six (6) years of full-time satisfactory software experience as described in “1" above, including one year in a project leader capacity or as a major contributor on a complex project; or
• A satisfactory combination of education and experience that is equivalent to (1) or (2) above. College education may be substituted for up to two years of the required experience in (2) above on the basis that sixty (60) semester credits from an accredited college is equated to one year of experience. A masters degree in computer science or a related computer field may be substituted for one year of the required experience in (1) or (2) above. However, all candidates must have a four year high school diploma or its educational equivalent, plus at least one (1) year of satisfactory full-time software experience in a project leader capacity or as a major contributor on a complex project.
• NOTE: In order to have your experience accepted as Project Leader or Major Contributor experience, you must explain in detail how your experience qualifies you as a project leader or as a major contributor. Experience in computer operations, technical support, quality assurance (QA), hardware installation, help desk, or as an end user will not be accepted for meeting the minimum qualification requirements.
• Special Note To be eligible for placement in Assignment Level IV, in addition to the Qualification Requirements stated above, individuals must have one year of satisfactory experience in a project leader capacity or as a major contributor on a complex project in data administration, database management systems, operating systems, data communications systems, capacity planning, and/or on-line applications programming.

Responsibilities

• Develop, implement and maintain cybersecurity programs, policies, plans and processes which align with Citywide and regulatory cybersecurity policies.
• Identify, manage and maintain the work products required to implement cybersecurity programs, policies, plans and processes.
• Flag and communicated Agency compliance issues and areas of risk ODSM management.
• Work with CISO, allocate and manage funding for all information security activities.
• Work with GRC Manager measure and monitor cost, schedule performance against the information security plan.
• Work with AO staff on internal and external security audit responses.
• Work with GRC manager to develop track and manage Agency Cybersecurity Training and awareness.
• Develop and expand Agency vendor third party risk process.
• Liaise between Agency Privacy Officer and Legal Offices.
• Aid in incident response for compliance related issues and flag areas which may be beyond the Agency risk appetite.