NYC Department of Health and Mental Hygiene
Cybersecurity Senior Data Analyst, Bureau of Audit Services
NYC Department of Health and Mental Hygiene, New York, New York, us, 10261
Cybersecurity Senior Data Analyst, Bureau of Audit Services
Join to apply for the
Cybersecurity Senior Data Analyst
role at the
NYC Department of Health and Mental Hygiene . This position reports to the Cyber Security IT Audit Manager in the Bureau of Audit Services, Office of the Chief Operating Officer, and it plays a leading role in risk‑based assessments of the Department’s operational efficiencies, control effectiveness, and compliance with federal laws such as HIPAA, Citywide policies, and the New York City Comptroller’s directives.
Responsibilities
Plan and execute advisory, assessment and audit projects using IT Governance, Risk and Compliance (GRC) best practices, methodologies and tools.
Conduct research and analysis of agency systems, IT hardware and network infrastructure, programs, IT contracts and procurement, IT professional services, and compliance with the City’s and Agency’s policies and procedures and with federal and industry standards, frameworks and controls.
Assist in developing cybersecurity audit plans, test plans, system analyses and IT system controls.
Document and present IT advisory, assessment and audit reports including test results to all levels of management.
Perform cybersecurity IT audits, security risk assessments, IT system integrity testing, IT controls reviews and integrated audits with fiscal auditors.
Research, analyze and evaluate risks and controls relevant to cybersecurity and provide risk assessment and risk mitigation recommendations.
Document project lessons learned and help identify risk management and performance improvement opportunities.
Support Audit Management in conducting internal reviews of the Department’s general IT system controls (e.g., access control, audit and accountability, configuration management, contingency planning, incident response and disaster recovery, physical and environmental protection, data center operations, supply chain risk management), and recommend controls to mitigate risks.
Support the assessment of Department’s compliance with federal requirements such as HIPAA Security and Privacy rules.
Maintain ongoing and open communication with the Department’s programs, including the Division of Information Technology Office of Cybersecurity on general and application control issues and implementation of corrective actions.
Prepare and maintain complete work paper documentation, memos, and letters.
Act as the agency’s representative during external audits/reviews, and as a liaison between the Comptroller’s Office, third party auditors/reviews and the division/bureau being audited.
Seek self‑improvement through education, certification, training, and staying abreast of current and emerging technologies; research and stay updated on IT risk management and relevant audit concepts and methods.
Qualifications
A baccalaureate (BA/BS) degree in information technology, computer science, systems engineering, cybersecurity, accounting, business, or a related area, with 24 semester credits in computer science, accounting and auditing, or related field and at least one year of experience in IT systems and cybersecurity audit, risk, governance or compliance management, incident management, or operations.
Highly motivated, self‑directed and organized professional with the ability to plan and execute projects.
Strong business analysis skills and a curious mindset; excellent oral and written communication skills.
Ability to work independently when given specific instructions.
Excellent interpersonal and relationship building skills.
Adaptability to change, ability to handle multiple projects concurrently and meet deadlines.
Understanding of the CIA Triad and cybersecurity frameworks such as ISO 27000, COBIT 5, and NIST CSF and 800‑53.
Related industry certifications or actively pursuing certifications such as Security+, CISSP, CISA, and/or CISM.
Advanced knowledge of Microsoft Office Suite: Word, Excel, PowerPoint, Access, and Visio.
Experience with ACL (Audit Command Language) or SQL is a plus.
Basic understanding of commonly used operating systems, databases and network structures.
Ability to create and maintain project plans with Gantt charts and other audit project record tools.
Minimum Qualifications
A bachelor’s degree, including 24 semester credits in cybersecurity, network security, computer science, programming, engineering, IT, information science, information systems management, network administration, or a relevant technical field; or
A four‑year high school diploma (or equivalent) with three years of satisfactory experience in any of the areas described above; or
Equivalent education and/or experience as described above; College education may be substituted for up to two years of required experience on the basis that sixty semester credits equal one year of experience. In addition, twenty‑four credits from an accredited institution in a related field, or a certificate of at least 625 hours in computer programming, may substitute for one year of experience.
Benefits
Loan forgiveness and repayment assistance programs.
Premium‑free health insurance plan with significant cost savings.
Additional health, fitness, and financial benefits (dependent on union/benefit fund).
Public sector defined benefit pension plan.
Tax‑deferred savings program.
Worksite Wellness Program.
Work‑from‑home options (up to two days per week).
Job security and opportunity to impact community health.
The NYC Health Department is an inclusive equal opportunity employer committed to providing access and reasonable accommodation to all individuals. To request reasonable accommodation to participate in the job application or interview process, contact Sye‑Eun Ahn, Director of the Office of Equal Employment Opportunity, at sahn1@health.nyc.gov or 347‑396‑6549. This position is also open to qualified persons with a disability who are eligible for the 55‑a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55‑a Program.
Residency Requirement: New York City residency is generally required within 90 days of appointment. Certain titles may qualify for residency in other counties upon two continuous years of service with the City.
Public Service Loan Forgiveness: Eligible employees may qualify for federal loan forgiveness programs and state repayment assistance programs. For more information, visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.
The City of New York is an inclusive equal‑opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment free from discrimination and harassment based on any legally protected status or characteristic, including but not limited to sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
#J-18808-Ljbffr
Cybersecurity Senior Data Analyst
role at the
NYC Department of Health and Mental Hygiene . This position reports to the Cyber Security IT Audit Manager in the Bureau of Audit Services, Office of the Chief Operating Officer, and it plays a leading role in risk‑based assessments of the Department’s operational efficiencies, control effectiveness, and compliance with federal laws such as HIPAA, Citywide policies, and the New York City Comptroller’s directives.
Responsibilities
Plan and execute advisory, assessment and audit projects using IT Governance, Risk and Compliance (GRC) best practices, methodologies and tools.
Conduct research and analysis of agency systems, IT hardware and network infrastructure, programs, IT contracts and procurement, IT professional services, and compliance with the City’s and Agency’s policies and procedures and with federal and industry standards, frameworks and controls.
Assist in developing cybersecurity audit plans, test plans, system analyses and IT system controls.
Document and present IT advisory, assessment and audit reports including test results to all levels of management.
Perform cybersecurity IT audits, security risk assessments, IT system integrity testing, IT controls reviews and integrated audits with fiscal auditors.
Research, analyze and evaluate risks and controls relevant to cybersecurity and provide risk assessment and risk mitigation recommendations.
Document project lessons learned and help identify risk management and performance improvement opportunities.
Support Audit Management in conducting internal reviews of the Department’s general IT system controls (e.g., access control, audit and accountability, configuration management, contingency planning, incident response and disaster recovery, physical and environmental protection, data center operations, supply chain risk management), and recommend controls to mitigate risks.
Support the assessment of Department’s compliance with federal requirements such as HIPAA Security and Privacy rules.
Maintain ongoing and open communication with the Department’s programs, including the Division of Information Technology Office of Cybersecurity on general and application control issues and implementation of corrective actions.
Prepare and maintain complete work paper documentation, memos, and letters.
Act as the agency’s representative during external audits/reviews, and as a liaison between the Comptroller’s Office, third party auditors/reviews and the division/bureau being audited.
Seek self‑improvement through education, certification, training, and staying abreast of current and emerging technologies; research and stay updated on IT risk management and relevant audit concepts and methods.
Qualifications
A baccalaureate (BA/BS) degree in information technology, computer science, systems engineering, cybersecurity, accounting, business, or a related area, with 24 semester credits in computer science, accounting and auditing, or related field and at least one year of experience in IT systems and cybersecurity audit, risk, governance or compliance management, incident management, or operations.
Highly motivated, self‑directed and organized professional with the ability to plan and execute projects.
Strong business analysis skills and a curious mindset; excellent oral and written communication skills.
Ability to work independently when given specific instructions.
Excellent interpersonal and relationship building skills.
Adaptability to change, ability to handle multiple projects concurrently and meet deadlines.
Understanding of the CIA Triad and cybersecurity frameworks such as ISO 27000, COBIT 5, and NIST CSF and 800‑53.
Related industry certifications or actively pursuing certifications such as Security+, CISSP, CISA, and/or CISM.
Advanced knowledge of Microsoft Office Suite: Word, Excel, PowerPoint, Access, and Visio.
Experience with ACL (Audit Command Language) or SQL is a plus.
Basic understanding of commonly used operating systems, databases and network structures.
Ability to create and maintain project plans with Gantt charts and other audit project record tools.
Minimum Qualifications
A bachelor’s degree, including 24 semester credits in cybersecurity, network security, computer science, programming, engineering, IT, information science, information systems management, network administration, or a relevant technical field; or
A four‑year high school diploma (or equivalent) with three years of satisfactory experience in any of the areas described above; or
Equivalent education and/or experience as described above; College education may be substituted for up to two years of required experience on the basis that sixty semester credits equal one year of experience. In addition, twenty‑four credits from an accredited institution in a related field, or a certificate of at least 625 hours in computer programming, may substitute for one year of experience.
Benefits
Loan forgiveness and repayment assistance programs.
Premium‑free health insurance plan with significant cost savings.
Additional health, fitness, and financial benefits (dependent on union/benefit fund).
Public sector defined benefit pension plan.
Tax‑deferred savings program.
Worksite Wellness Program.
Work‑from‑home options (up to two days per week).
Job security and opportunity to impact community health.
The NYC Health Department is an inclusive equal opportunity employer committed to providing access and reasonable accommodation to all individuals. To request reasonable accommodation to participate in the job application or interview process, contact Sye‑Eun Ahn, Director of the Office of Equal Employment Opportunity, at sahn1@health.nyc.gov or 347‑396‑6549. This position is also open to qualified persons with a disability who are eligible for the 55‑a Program. Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55‑a Program.
Residency Requirement: New York City residency is generally required within 90 days of appointment. Certain titles may qualify for residency in other counties upon two continuous years of service with the City.
Public Service Loan Forgiveness: Eligible employees may qualify for federal loan forgiveness programs and state repayment assistance programs. For more information, visit the U.S. Department of Education’s website at https://studentaid.gov/pslf/.
The City of New York is an inclusive equal‑opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment free from discrimination and harassment based on any legally protected status or characteristic, including but not limited to sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
#J-18808-Ljbffr