Minimum Qualifications Qualifications:
Formal qualifications are not filed for this position. However, the following may be considered minimally acceptable:
• Bachelor’s Degree in Information Security, Computer Science, Management of Information Systems, or related field required. Masters and professional certifications, such as CISSP, preferred.
• Minimum of six (6) years of experience in a combination of risk management, information security and information technology fields. Experience in a leadership role is preferred. Employment history should demonstrate increasing levels of responsibility.
• Knowledge of common information security management frameworks, such as NIST.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
This is an appointment to a position in the exempt jurisdictional class. As such, the incumbent of this position would serve at the pleasure of the appointing authority.
Duties Description The Department of Financial Services (“DFS”) is seeking candidates to fill the position of Chief Information Security Officer. The incumbent of this position will be responsible for ensuring that information security policies and procedures are established and implemented to protect the information assets of DFS. Duties of this position will include, but not be limited to, the following:
• Develops, implements and disseminates up-to-date department-wide information security policies and procedures to address issues presented by rapidly changing technology;
• Leads a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers;
• Manages and maintains a security and risk management awareness training program for DFS staff, contractors, and approved system users;
• Assists with the development and maintenance of a Disaster Recovery/Business Continuity Plan;
• Oversees incident response, and coordinates efforts to restore and recover from events that may negatively affect information, systems and critical infrastructure that support Department business functions;
• Provides routine updates on cyber risks, incidents and priority initiatives, and works with executive management to prioritize initiatives and spending to reduce cybersecurity risk and improve the overall information security program;
• Functions as an internal consulting resource on information security issues, including policy and regulatory issues;
• Participates on teams charged with designing new applications or making major modifications to existing systems to ensure auditability and security are considerations from the inception;
• Ensures that security programs are in compliance with relevant laws, regulations and policies; and
• Performs full range of supervisory responsibilities.
Additional Comments Positions located within the New York City metropolitan area, as well as Suffolk, Nassau, Rockland, and Westchester Counties, are also eligible to receive an additional $3,026 annual downstate adjustment.
Occasional travel to Albany, NY office will be required.
Appointment to this position is pending Division of Budget approval to fill.
Some positions may require additional credentials or a background check to verify your identity.
Notes on ApplyingTo Apply: Interested qualified candidates must submit a resume and letter of interest no later than August 26, 2019 to the email address listed below. Please include Box CISO-10116 in the subject line of your email to ensure receipt of your application. Email submissions are preferred.
New York State Department of Financial Services
Office of Human Resources Management
One Commerce Plaza, Suite 301
Albany, New York 12257
Fax: (518) 402-5071
All candidates that apply may not be scheduled for an interview
AMERICANS WITH DISABILITIES ACT: REASONABLE ACCOMMODATIONS
Under the Americans with Disabilities Act (ADA), the Department of Financial Services is required to provide reasonable accommodation for known physical or mental limitations of an otherwise qualified applicant with a disability if an accommodation would enable the applicant to perform the essential functions of the job and the accommodation would not constitute an undue hardship on the operations of the agency.