10101 - Application Security Risk Analyst

The Fund for Public Health in New York City (FPHNYC) is a 501(c)3 non-profit organization dedicated to advancing the health and well-being of all New Yorkers.  To this end, in partnership with the New York City Department of Health and Mental Hygiene (DOHMH), FPHNYC incubates innovative public health initiatives implemented by DOHMH to advance community health throughout the city. It facilitates partnerships, often new and unconventional, between the government and the private sector to develop, test, and launch new initiatives. These collaborations speed the execution of demonstration projects, effect expansion of successful pilot programs, and support rapid implementation to meet the public health needs of individuals, families, and communities across New York City.

PROGRAM OVERVIEW

The Division of Information Technology aims to align technology solutions with the DOHMH mission by prioritizing resource use and deploying innovations that facilitate the agency’s day-to-day activities and enhance staff productivity and efficiency. Our goal is to provide users with a reliable, stable, and safe computing environment through the collaboration of the Bureau of Technology Strategy & Project Management, which includes business analysis and IT project management services to define and deliver IT solutions that meet all program needs.  

POSITION OVERVIEW:

The New York City Department of Health and Mental Hygiene (DOHMH) seeks a qualified consultant for the Application Security Risk Analyst role. The application security analyst will join a team responsible for security assessments of applications and other software to identify vulnerabilities, threats, and risks.  The analyst will lead vulnerability assessments and monitoring services across several applications.  Develop proactive cybersecurity security strategies and guidance documentation to empower the agency to protect its data, integrity, and reputation.

RESPONSIBILITIES:

• Collaborate with IT project managers and operational teams to conduct thorough cybersecurity risk assessments to develop appropriate information security plans, procedures, and control techniques.  
• Ensure adequate and appropriate security controls are in place to protect the agency's digital assets from unauthorized access by both on-premises and off-premises systems. 
• Intake security requests for application deployment, software/hardware use, and changes in access control, including the report of exceptions/risk acceptance for further review and remediation. 
• Responsible for generating reports for business and technical managers to evaluate the efficacy of the security controls.  
• Continually perform research to strengthen the agency’s digital security, including programs to encrypt/protect data and prevent future hacks and breaches. 
• Monitor compliance with information security policies and procedures.

QUALIFICATIONS:

• Bachelor’s degree in Computer Science, Information technology, cybersecurity, or a related field or gain equivalent experience with relevant industry certifications.    
• 5+ years of prior relevant IT experience. 
• Ability to understand business needs and workflow requirements and translate these requirements into technical requirement documents. 
• Familiarity with web application development technologies like .NET, JavaScript, AJAX, JSON, HTML5, and CSS. 
• Familiarity with data modeling and relational databases like Oracle, SQL, MySQL, PostgreSQL, etc. 
• Knowledge of R, Python, and Data Visualization Tools. 
• Experience applying Risk Management frameworks. 
• Familiarity with regulatory compliance and standards requirements. 
• Knowledge of security controls in various commercial solutions such as Microsoft, Apple, Google, Cisco, and other enterprise network computing products. 
• Knowledge of Windows platforms and security configurations for Active Directory, Federation Services, and LDAP. 
• Strong written and verbal communication skills. 

SALARY

• Salary range is $65,000 to $95,000.

WORK SCHEDULE

9 AM – 5 PM

Monday – Friday

In-Office

Work Location

42-09 28^th Street, Long Island City, New York, 11101

BENEFITS AT A GLANCE

FPHNYC offers a comprehensive benefit package.

• Generous Paid Time Off (PTO) policy
• Medical, dental, and life insurance with low or no employee contribution
• A retirement savings plan with generous employer contribution
• Flexible spending medical and commuter benefits plan
• Meaningful work at an organization striving to advance health equity and social justice.

RESIDENCY REQUIREMENT

You must live in New York City Tri-state area (NY, NJ, CT) to be considered for a position at FPHNYC.

TO APPLY

To apply, upload Resume, including how your experience relates to this position. Applicants who best match the position needs will be contacted.

The Fund for Public Health in New York City is an Equal Opportunity Employer and encourages a diverse pool of candidates to apply.