Deputy CISO at CityOfNewYork

THE SELECTED CANDIDATE WILL BE OFFERED A SALARY BETWEEN $155,000.00-$165,000.00. The Administration for Children’s Services (ACS) protects and promotes the safety and well-being of children and families through child welfare and juvenile justice services and community supports. ACS manages community-based supports and foster care services and provides subsidized childcare vouchers. ACS child protection staff respond to allegations of child maltreatment. In juvenile justice, ACS oversees detention, placement, and programs for youth in the community. The Office of Information Technology department has the responsibility to provide high quality, reliable, sustainable technology services, and support to meet the needs of the families and children we serve through ACS, its vendor partners and other city agencies. The Chief Information Security Officer (CISO) unit is responsible for establishing and maintaining the information security program at ACS to ensure information assets and technologies are adequately protected. This unit directs staff in identifying, developing, implementing, and maintaining processes across ACS and its program divisions to reduce information and IT risks. The CISO department responds to incidents, establishes appropriate standards and controls, manages security technologies, and directs establishment and implementation of policies and procedures. Responsibilities include Computer Security Incident response team, Cybersecurity, Disaster Recovery, business continuity management, Identity and Access management, Information Privacy, Information Regulatory Compliance (PII, HIPAA, PCI/DSS), Digital Forensics and Information security operation center (ISOC). OIT is seeking a highly qualified Deputy Chief Information Security Officer (DCISO) to support and strengthen the agency’s cybersecurity program. ACS is dedicated to protecting the safety and well-being of New York City’s children and families through services in child welfare, juvenile justice, and early care and education. Reporting to the Chief Information Security Officer (CISO), the Deputy CISO will assist in the development, implementation, and oversight of the agency’s cybersecurity program in alignment with NYC Cyber Command, the Office of Technology and Innovation (OTI), and citywide cybersecurity policies and standards. This role requires an experienced cybersecurity professional who can immediately contribute to both strategic initiatives and day-to-day operations and is not intended for entry-level candidates. Strategic Leadership and Program Execution: - Partner with the CISO to implement and advance ACS’s cybersecurity program, aligned with NYC Cyber Command directives, OTI policies and agency priorities. - Support key initiatives including Zero Trust, vulnerability management, identity security, and enterprise risk management. Team Leadership and Management: - Build, mentor, and manage a high-performing cybersecurity team. Oversee day-to-day activities, set priorities, and ensure effective execution of security initiatives while fostering collaboration, accountability, and professional development. Governance, Risk, and Compliance: - Maintain and enhance security policies, standards and controls aligned with NIST, CIS, ISO, and citywide requirements. - Support risk management, audits, POA&Ms and compliance activities across ACS systems. Application Security: - Partner with IT, business, and development teams to implement application security and Secure SDLC (DevSecOps) practices in Azure environments, ensuring alignment with NYC Cyber Command and OTI policies. Security Operations and Incident Response: - Support and actively contribute to operational functions (incident response, vulnerability management, security engineering, and monitoring). - Coordinate with NYC Cyber Command and internal teams to ensure effective response and remediation. Cloud, Zero Trust and AI Security: - Support and advance ACS initiatives in cloud security (Azure/AWS), Zero Trust architecture, and AI governance, ensuring appropriate controls, monitoring, and protection of sensitive data. IT Collaboration and Technical Execution: - Work closely with IT teams to ensure secure design, implementation, and operation of systems including cloud and application environments. - Provide technical guidance on configurations, integrations and remediation. Security Awareness and Continuous Improvement: - Support agency-wide awareness programs and continuously improve security posture by addressing emerging threats, including cloud and AI-related risks. Reporting and Stakeholder Engagement: - Support reporting of KPIs, KRIs, and security posture to leadership, and maintain coordination with NYC Cyber Command, OTI, and internal stakeholders. ADDITIONAL INFORMATION: Section 424-A of the New York Social Services Law requires an authorized agency to inquire whether a candidate for employment with child-caring responsibilities has been the subject of a child abuse and maltreatment report. TO APPLY: Please go to www.cityjobs.nyc.gov or www.nyc.gov/ess for current NYC employees and search for Job ID#775923 No phone calls, faxes or personal inquiries permitted. Note: Only candidates under consideration will be contacted. IT SECURITY SPECIALIST - 95622