Information Security Analyst - MIS
Our Vision: To make New York City the global model for inclusive innovation and economic growth, fueled by the City’s diverse people and businesses.
Our Mission: To create shared prosperity across New York City’s five boroughs by strengthening neighborhoods and growing good jobs.
Your Role: Responsible for a broad range of activities, including the day-to-day management of information security tools and devices, project implementation of security initiatives, and will include significant responsibilities for the security administration of a wide variety of IT systems across the enterprise. The individual in this position interacts closely with associates from various IT teams — including the application development, infrastructure, and help desk support teams — and with many other business areas throughout the organization. This position is also responsible for access controls, security incident detection and response, security control documentation, and reporting.
Essential Duties and Responsibilities:
- Perform IT risk assessments
- Install and manage security solutions such as firewall.
- Recommend security enhancements and purchases
- Train staff on network and information security procedures
- Cross train peers to support IT Risk management responsibilities as assigned, act as mentor for colleagues with less experience
- Create test and implement network disaster recovery plans
- Complete projects as assigned
- Other duties as assigned
- Bachelor’s degree or above
- 3+ years’ experience in support of information technology systems, networks, and related business processes
- 3+ years of relevant audit, information risk, security, or compliance experience with a firm understanding of risk assessment and analysis techniques and industry risk models
- Experience with NGFW such as Checkpoint network security gateway
- Experience with vulnerability testing preferred.
- Experience with security monitoring technology (SIEM)
- Strong communications skills, both written and oral
- Subject-matter expert in multiple IT or security disciplines such as authentication and authorization models, data protection methods, networking, firewall models, investigations, threat and vulnerability management processes
- Comfortable interfacing with other internal or external organizations regarding risk and compliance findings
- Experience with web proxy or web filtering solution is a plus, but not required
- CISSP or related information security certification is a plus, but not required
- NYC residency required within 180 days of hire