Review Vacancy
Title: Chief Information Security Officer
Occupational Category: I.T. Engineering, Sciences
Bargaining Unit: M/C - Management / Confidential (Unrepresented)
Salary Range: From $120000 to $130000 Annually
Minimum Qualifications:
• Bachelor’s degree* and five years of information technology experience, including three years of information security or information assurance experience.
* Appropriate information security or information assurance experience may substitute for the Bachelor’s degree on a year-for-year basis; an Associate’s degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.
Duties Description: The Chief Information Security Officer – Special Assistant will report to the Chief Information Officer of NYSIF and have responsibility for the coordination of NYSIF’s information security. This includes coordination with the Chief Compliance Officer. This reporting relationship creates a protocol to ensure that information security policies are established and implemented to protect NYSIF’s vital information assets. Duties will include but not be limited to:
• Development of a comprehensive information security plan to improve and ensure agency security levels. This includes the recommendation and design of security strategies and solicitation of internal and external customers to incorporate their needs into the plan.
• Coordination, supervision and implementation of all security initiatives as related to physical plants, technological systems and administrative operations.
• Coordination of security plan training for agency staff and assisting and training NYSIF departmental staff to conduct information asset inventories and define criticality of information.
• Monitoring of policies, procedures and practices to prevent unauthorized access to agency facilities, equipment and systems; to prevent disruption/denial of service due to unauthorized use of electronic databases; to prevent alteration of any documents and/or information stored in electronic databases.
• Implementation and oversight of security initiatives with NYSIF staff and external consultants, such as NYSIF’s Disaster Recovery provider. Dissemination of changes to policies, practices and protocols to ensure consistency and efficiency in security measures.
• Maintaining communications with Executive Management and Board of Commissioners, informing them of internal/external security risks/breaches.
• Reviewing and approving all external network connections to NYSIF network, including review of the sensitivity of data to be shared, responsibilities of each party for information security, controls required to transmit and use information and examining/approving measures each user has in place to protect information. Define measures used to assess compliance and establish a schedule and procedure for reviewing controls.
• Functioning as a liaison with the Office of Cyber Security and Critical Infrastructure Coordination (OCSCIC) to ensure NYSIF’s compliance with statewide security policies, standards and controls.
Additional Comments: The New York State Insurance Fund (“NYSIF” or the “Fund”) is a self-supporting state fund that provides workers’ compensation and disability benefits insurance in New York. With written premium of over $2 billion, NYSIF is the largest workers’ compensation insurance carrier in New York, and the sixth largest carrier in the country.
Some positions may require additional credentials or a background check to verify your identity.