Review Vacancy
Date Posted: 01/14/22
Applications Due: 02/04/22
Vacancy ID: 97406
Position Information
Agency Health, Department of
Title Chief Information Security Officer - 95000
Occupational Category Other Professional Careers
Salary Grade 662
Bargaining Unit M/C - Management / Confidential (Unrepresented)
Salary Range From $91365 to $115490 Annually
Employment Type Full-Time
Appointment Type Permanent
Jurisdictional Class Non-competitive Class
Travel Percentage 2%
Schedule
Workweek Mon-Fri
"Other" Explanation Evenings and weekends as needed.
Hours Per Week 37.5
Workday
From 9 AM
To 5 PM
Flextime allowed? No
Mandatory overtime? Yes
Compressed workweek allowed? Yes
Telecommuting allowed? Yes
Location
County Albany
Street Address Office of Quality and Patient Safety/Center for Health Data Innovation
Corning Tower, Empire State Plaza
City Albany
State NY
Zip Code 12237
Job Specifics
Minimum Qualifications Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.
*Appropriate information security or information assurance experience may substitute for the bachelor’s degree on a year-for-year basis; an associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.
Preferred Qualifications: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA); Experience with All Payer security and privacy requirements, as well as relevant National Institute of Standards and Technology (NIST) security standards and Security Policies & Standards required by CMS (Medicaid, Medicare, Children’s Health Insurance Program) such as MARS-E 2.0 SSP, NIST SP 800-111, NIST SP 800-53, HIPAA, HITECH, FIPS 140-2, FIPS 199, etc.; Excellent interpersonal, written, and verbal communications skills; Excellent analytical and problem-solving skills; Experience presenting to executives and leadership teams, with the ability to communicate security and risk-related concepts.
Duties Description The CISO 1 position will work within the Center for Health Data Innovation and will ensure essential security risk management, compliance and oversight of the All Payer Database (APD) and other data systems in the Office of Quality and Patient Safety (OQPS). Because the APD is integrated with multiple independent systems and supported by multiple vendors, the CISO 1 will be responsible for overseeing a growing portfolio of systems that support the transfer, intake, processing, and storing of health care information.
The CISO 1 will be responsible for overseeing the implementation of State and national cyber security standards and policies in the APD; implementing security controls to ensure the confidentiality, integrity, and availability of the NYS data in the APD; and coordinating risk assessment analysis, vulnerability remediation and cyber incident response to the APD, Statewide Planning and Research Cooperative System (SPARCS), Vital Statistics (VS), Medicaid Data Mart, Health Data NY programs, data intake systems, and public and commercial health insurance program enrollment and term segment information, and COVID Registry.
Duties include, but are not limited to:
- Develop, maintain, and assure information security and risk management, and compliance with policies, standards, protocols and best practices and create and facilitate cyber security risk assessment processes, including oversight and reporting on remediation efforts for APD and other associated systems in OQPS.
- Collaborate with OQPS program managers to identify and understand the information assets in APD that support critical business functions and manage related cybersecurity risks in a manner consistent with the OQPS’s overall cybersecurity risk management strategy and business objectives.
- Ensure APD security and privacy controls are implemented to comply with all applicable New York State Security Policies & Standards; relevant National Institute of Standards and Technology (NIST) security standards and Security Policies & Standards as required by CMS (Medicaid, Medicare, Children’s Health Insurance Program) and to ensure compliance required to retain federal funding of the APD;
- Ensure compliance with a system security plan (SSP) that meets national standards and policies (such as CMS’ Minimum Acceptable Risk Standards for Exchanges (MARS-E) Version 2.0 SSP, NIST Special Publication (SP) 800-111, NIST SP 800-53, Health Insurance Portability and Accountability Act (HIPAA) Compliance, Health Information Technology for Economic and Clinical Health (HITECH) Act, FIPS 140-2 compliance, Federal Information Processing Standard (FIPS) Publication 199, etc.);
- Oversee the coordination between the OQPS programs, the New York State Office of Information Technology Services (NYS ITS), and vendors in Information Security Risk Assessment, Plan of Action, Vulnerability Remediation, Disaster Recovery and Incident Response;
- Ensure required OQPS/APD security policy documents are developed, updated, and maintained as systems evolve and expand to accommodate needs and requirements;
- Ensure supporting OQPS/APD procedure documentation is in place defining account management, system monitoring, and support services of the APD environment (combination of vendors, OQPS, and NYS ITS documentation);
- Ensure applicable OQPS personnel, ranging from support staff to technical and executive staff, have been trained on security policies & procedures;
- Perform full range of supervisory responsibilities and other duties as assigned.
Additional Comments Candidates should be prepared to provide their degree/transcript upon interview.
Some positions may require additional credentials or a background check to verify your identity.
Contact Information
Name Josh Breden
Telephone 5184861812
Fax (518)473-3395
Email Address resume@health.ny.gov
Address
Street Human Resources Management Group,
Room 2217, Corning Tower, ESP
City Albany
State NY
Zip Code 12237
Notes on Applying Submit resume, preferably in PDF format, by email to resume@health.ny.gov, with Reference JB/95000/CISO included in the subject line, or by mail to Human Resources Management Group, JB/95000/CISO, Rm 2217, Corning Tower Building, Empire State Plaza, Albany, NY 12237-0012, or by fax to (518) 473-3395. Failure to include the required information may result in your resume not being considered for this position. Resumes will be accepted until February 4, 2022.
Resumes accepted through January 4, 2021.
StateJobsNY ℠ 2024 NYS Office of Employee Relations