IT Security Specialist

Job Title : IT Security Specialist

Location : NYC, NY (5 days onsite)

Duration : Long Term Contract  

The IT Security Specialist will report to the Chief Information Security Officer, within the Division of Office for the Commissioner, Office of Information Technology (OIT). The unit is comprised of a Chief Information Security Officer, and a senior and junior-level Security architecture position.

Scope of Work

The IT Security Specialist will be responsible for a number of functions associated with IT security – from ensuring the security of software to selecting and/or constructing and deploying broader network security systems. The broader scope for IT Security position including:

• Security Sciences - provides highly functional, available, trusted solutions that enable the ACS to prevent, detect, respond, and recover from cyber threats. To work with CISO to enhance the security program at ACS.
• Threat Management: Threat Management leads, executes, and advises on threat prevention, detection, response, and recovery strategies. This is achieved through citywide Incident Response planning and engagement, the Security Operations Center (SOC), integrated Cyber Threat Intelligence, and Counter Threat Automation and orchestration.
• Vulnerability Management: The threat Management program at ACS provides a risk-based understanding of their vulnerability posture through a process of continuously identifying, classifying, and proactively engaging agencies on remediation and mitigation.
• Governance, Risk, Compliance. (GRC): To prioritize the implementation of cybersecurity services and capabilities to ensure compliance, reduce cybersecurity risk and improve their cybersecurity posture. Additionally, program managers/analysts are responsible for tracking and reporting on the ACS Information security program improving their cybersecurity posture and maturity. The current CISO infosec program involves Security Accreditation to maintain GRC at ACS, candidate will work in the team to help CISO with cyber SSA and Application Security.

The position of IT Security Specialist is necessary to implement critical initiatives and bridge the gap between security and IT infrastructure operational tasks and must be proficient in:

• Identifiesprobable system exposure, compromise, problems, or design flaws and escalates issues to CISO to limit serious performance impact.
• Define, manage, and monitor data security, confidentiality, integrity, and availability.
• May provide training, conduct new hire orientations, and produce ongoing monthly security awareness newsletters.
• Define, manage, and monitor security devices, including procedures for detecting, reporting, and responding to computer security incidents.
• Servesas subject matter expert regarding security design of applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services. Liaise with vendors, as necessary.
• Review and analyze design and/or accreditation documentation to ensure appropriate security controls are in place.
• Perform security assessments of applications and infrastructure.
• Analyzes, designs, implements, tests, troubleshoots, integrates, documents and configures

IT security infrastructure to maximize performance and capacity.

• Monitor developments regarding various IT architectural platforms, including hardware, software, network communication components, operating systems, LDAP, server networking, basic load-balancing, DNS, certificate management, and HTTPS.

Preferred Skills:

• Knowledge of Networking (Firewall, Networking Protocols);
• Working knowledge of Rapid 7
• Working knowledge of CrowdStrike
• Working knowledge of Information Security Domains
• Working knowledge of Security protocols
• Working knowledge of Cloud computing