IT Security Engineer Manager


: $34,390.00 - $53,240.00 /year *

Employment Type

: Full-Time


: Information Technology

Mayor s Office of Contract Services (MOCS) oversees and supports the procurement activities of City agencies, with a goal to ensure fairness, transparency, efficiency and cost effectiveness. The Director is the City Chief Procurement Officer. Annually, agencies procure billions in products and services from a diverse pool of vendors that represent various industries. MOCS partners with industry groups to implement policies and tools that streamline and modernize procurement, resulting in the delivery of quality services to New Yorkers. Team members operate in a fast-paced, collaborative, service-oriented environment, where flexibility and ability to achieve results are valued.

MOCS is recruiting a IT Security Engineer Manager who will lead the implementation and management of information security controls to optimize the overall information security posture of MOCS. The candidate will manage and conduct periodic risk assessments to develop and implement appropriate mitigation plans. The candidate will also advise technical professionals on the implementation of security controls to meet security and privacy compliance requirements in accordance with DoITT Citywide security policies and provide overall information security awareness for the agency. Responsibilities include, but are not limited to the following:

  • Lead day to day IT security operations for MOCS.
  • Manage and coordinate operational components of incident management, including detection, response and reporting.
  • Manage production issues and incidents, and participate in problem and change management forums.
  • Assist and guide the disaster recovery planning in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
  • Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
  • Collaborate with NYC Cyber Command, DOITT IT Security and IT security vendors to provide solutions addressing the full cyber event and incident response life cycle.
  • Consult with DOITT IT Engineering and operations teams to ensure that security is factored into the resolution, selection, installation and configuration of hardware, applications and software.
  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  • Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software.
  • Provide technical and managerial expertise for the administration of security tools.
  • Lead large-scale projects that include infrastructure upgrades, new technology, pen testing, vulnerability analysis and risk management.
  • Provide security communication, awareness and training for audiences which may range from senior leaders to field staff.
  • Work with various stakeholders to identify information asset owners to classify data and systems as part of an access control framework implementation.
  • Serve as an active and consistent participant in the information security governance process.
  • Work with the IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
  • Assist with the design and compliance of internal security policies and applicable laws and regulations.
  • Provide support and guidance for legal and regulatory compliance efforts, including audit support.
  • Coordinate the development of risk assessments, audit plans and scopes for internal audit and compliance engagements.
  • Prepare and review internal audit and compliance reports.
  • Ensure that a full security assessment, including a vulnerability scan and penetration test is carried out so that an information security strategy is developed and aligned to service and operational requirements.
  • Perform special projects and initiatives as assigned.

Minimum Qualification Requirements:

  1. Graduation from an accredited college with a baccalaureate degree; or
  2. Graduation from an accredited community college plus two years of experience with administrative, analytic, coordinative, supervisory or liaison responsibilities; or
  3. A four-year high school diploma or its educational equivalent plus four years of experience as described in 2 above; or
  4. A satisfactory equivalent combination of education and experience

Preferred Skills:

  • Experience in large enterprise security planning, design, configuration, installation, troubleshooting, integration, security performance monitoring, product maintenance, and security product configuration enhancements
  • Demonstrated capabilities to assess organizational cybersecurity hygiene, quantify cyber risks, and recommend tactical and strategic courses of action
  • Knowledge of information security technologies, complex network architecture, internet connectivity and DMZ strategies
  • Knowledge of common information security management frameworks, such as NIST.
  • Understanding of the current cyber threat landscape, attack methodologies, and risk mitigation/ remediation strategies.
  • Experience in cyber forensics and threat analysis.
  • Knowledge of data management and data classification concepts, architecture, federation, PKI and cryptography.
  • Knowledge of data privacy regulations, and compliance issues.

Preferred business skills include:

  • Exceptional knowledge of Microsoft Office programs such as Word, Excel, Access, PowerPoint and Visio.
  • Outstanding collaboration, team building and problem-solving skills.
  • Ability to communicate with all levels of stakeholders for requirements gathering and clarifying requirements.
  • Excellent analytic, organization, presentation and facilitation skills with the ability to handle multiple tasks under tight deadlines.
  • Attention to detail.
  • Learn and adapt to new management software systems (i.e. Remedy, HP Quality Center, SharePoint, etc.)

Residency Requirement:

New York City residency is generally required within 90 days of appointment. However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County. To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.

Additional Information:

Mayor s Office of Contract Services is an equal opportunity employer.

Special accommodations provided for applicants with disabilities.

Mayor s Office of Contract Services recognizes the unique skills and strengths gained through military service. Veterans and service members of the U.S. Armed Forces are strongly encouraged to apply.


The U.S. Department of Education provides student loan forgiveness through the Public Service Loan Forgiveness Program (PSLFP) to qualifying public service employees. As an employee of the City of New York, you may be eligible for loan forgiveness should you meet the program s eligibility requirements. For additional information on the PSLFP, please visit .

To Apply:

External Applicants, please go to and search for Job ID#: 397561.

Current City Employees, please go to and search for Job ID#: 397561.

Applicants may apply for jobs via NYCAPS with Apple products if they use the appropriate browser, such as Firefox, Chrome and/or Safari.

No phone calls, faxes, or personal inquiries permitted.

Only those candidates under consideration will be contacted.

- provided by Dice
Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!

Upload your resume

Loading some great jobs for you...