The New York State Department of Financial Services seeks to build an equitable, transparent, and resilient financial system that benefits individuals and supports business. Through engagement, data-driven regulation and policy, and operational excellence, the Department and its employees are responsible for empowering consumers and protecting them from financial harm; ensuring the health of the entities we regulate; driving economic growth in New York through responsible innovation; and preserving the stability of the global financial system.

The Deputy Superintendent for Information Security will report directly to the Chief Technology Officer. The Deputy will be responsible for the supervision of the Information Security Bureau, including leading teams that ensure that information security policies and procedures are established and implemented to protect the information assets of DFS.

Duties include, but are not limited to:

• Advises the Superintendent and the DFS Senior Leadership team members on all areas of Cyber Security;
• Works with NYS ITS CISO and Chamber Cyber Security leadership on all topics related to Cyber Security;
• Works with all business units within DFS, to determine possible risks and risk management processes;
• Works to analyze emerging IT security threats in real-time and mitigates these threats as appropriate;
• Formulates, documents, implements and assess cyber governance process;
• Develops, implements and disseminates up-to-date department-wide information security policies and procedures to address issues presented by rapidly changing technology;
• Leads a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers;
• Manages and maintains a security and risk management awareness training program for DFS staff, contractors, and approved system users;
• Plans and executes disaster recovery and business continuity strategies;
• Assists with the development and maintenance of a Disaster Recovery/Business Continuity Plan;
• Oversees Cyber Incident Response, and coordinates efforts to restore and recover from events that may negatively affect information, systems and critical infrastructure that support Department business functions;
• Provides routine updates on cyber risks, incidents and priority initiatives, and works with executive management to prioritize initiatives and spending to reduce cybersecurity risk and improve the overall information security program;
• Functions as an internal consulting resource on information security issues, including policy and regulatory issues;
• Participates on teams charged with designing new applications or making major modifications to existing systems to ensure auditability and security are considerations from the inception;
• Ensures that security programs are in compliance with relevant laws, regulations and policies;
• Performs full range of supervisory responsibilities for the Information Security Bureau;
• Develops, justifies and implements cybersecurity investments for existing and future security solutions; and
• Reviews results of special investigations, internal audits, research studies, forecasts, and modeling exercises to provide direction and guidance as needed.

Preferred Qualifications

• Bachelor’s Degree in Information Security, Computer Science, Management of Information Systems, or related field required. Masters and professional certifications, such as CISSP, preferred.
• Minimum of ten (10) years of experience in a combination of risk management, information security and information technology fields. Experience in a leadership role is preferred. Employment history should demonstrate increasing levels of responsibility.
• Knowledge of common information security management frameworks, such as NIST.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.

Appointment method:

This is an appointment to a position in the exempt jurisdictional class. As such, the incumbent of this position would serve at the pleasure of the appointing authority.

Positions located within the New York City metropolitan area, as well as Suffolk, Nassau, Rockland, and Westchester Counties, are also eligible to receive an additional $3,400 annual downstate adjustment.

Appointment Status: This is an appointment to a position in the exempt jurisdictional class.

Appointment to this position is pending Governor Appointment’s Office and Division of Budget approval.

To Apply: Interested qualified candidates must submit a resume and letter of interest no later than Mat 7, 2024 to the email address listed below. Please include Box# (Box DSIS-DFSP3-10105) in the subject line of your email to ensure receipt of your application. Email submissions are preferred.

Nathan Keiper

Box DSIS-DFSP3-10105

New York State Department of Financial Services Office of Human Resources Management One Commerce Plaza, Suite 301 Albany, NY 12257

Email: NCE.Notifications@dfs.ny.gov Fax: (518) 402-5071

All candidates that apply may not be scheduled for an interview

Public Service Loan Forgiveness

Employment with New York State qualifies an individual for Public Service Loan Forgiveness (PSLF). This program forgives the remaining balance on any Direct Student Loans after you have made 120 qualifying monthly payments while working full-time for a U.S. federal, state, local, or tribal government or not-for-profit organization. To learn more about the program and whether you would qualify, please visit: https://studentaid.gov/manage-loans/forgiveness-cancellation/public-service

AMERICANS WITH DISABILITIES ACT: REASONABLE ACCOMMODATIONS

Under the Americans with Disabilities Act (ADA), the Department of Financial Services is required to provide reasonable accommodation for known physical or mental limitations of an otherwise qualified applicant with a disability if an accommodation would enable the applicant to perform the essential functions of the job. If the accommodation would constitute an undue hardship on the operations of the agency, the agency is not required to provide it.

All people with disabilities are encouraged to apply to all jobs for which they meet the minimum qualifications

Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Office of Employee Relations at (518) 473-3130 or via email at response@oer.ny.gov.

Job Type: Full-time

Pay: $162,868.00 - $201,711.00 per year

Schedule:

• Monday to Friday

People with a criminal record are encouraged to apply

Ability to Relocate:

• New York, NY 10004: Relocate before starting work (Required)

Work Location: Hybrid remote in New York, NY 10004