Information Security Engineer/Architect

The New York City Department of Transportation’s (DOT) IT & Telecom division is seeking a capable Information Security Engineer, who enjoys security work and possesses both deep and wide expertise in the cybersecurity space. Under the direction of the Executive Director of Information Security and in coordination and cooperation with DOT business units, the successful candidate will conduct regular system tests and ensuring continuous monitoring of network security, promptly respond to all security incidents and providing thorough post-event analyses and make things more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data.

Responsibilities:

• Plan, define and maintain policies, standards, configuration and operating procedures and guidelines regarding security, identity, and access.
• Monitors industry developments; liaises with vendors. Ensures compliance with Citywide and agency security policies and standards. Recommends updates and improvements to agency security policies and standards.
• Identifies probable system exposure, compromise, problems, or design flaws and escalates issues to upper management to limit serious performance impact.
• Define, manage, and monitor data security, confidentiality, integrity, and availability.
• May provide training, conduct new hire orientations, and produce ongoing monthly security awareness newsletters.
• Analyzes, designs, implements, tests, troubleshoots, integrates, documents, and configures IT security infrastructure to maximize performance and capacity.
• Plan, initiate and implement new security infrastructure architecture or design changes.
• Consult with agency executives to provide IT Security policy guidance.
• As per requirement, offers support to application development, network, server, database and storage teams regarding new technologies, services, and system requirements.
• Provide security design assistance on new products and internally developed projects.
• Define, manage, and monitor security devices, including procedures for detecting, reporting, and responding to computer security incidents.
• Serves as subject matter expert regarding security design of applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services.
• Liaise with vendors, as necessary.
• Monitor developments regarding various IT architectural platforms, including hardware, software and network communication components, operating systems, LDAP, server networking, basic load-balancing, DNS, certificate management, and HTTPS.
• Review and analyze design and/or accreditation documentation to ensure appropriate security controls are in place.
• Perform security assessments of applications and infrastructure.
• Oversees multiple projects, supervises employees.
• Architect, design, implement, maintain, and operate information system security controls and countermeasures.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to above.