IT Security Specialist

NYC Department of Health
This job has been expired

Job Description

Established in 1805, the New York City Department of Health and Mental Hygiene (the NYC Health Department) is the oldest and largest health department in the country. Our mission is to protect and improve the health of all New Yorkers, in service of a vision of a city in which all New Yorkers can realize their full health potential, regardless of who they are, how old they are, where they are from, or where they live.

As a world-renowned public health agency with a history of building transformative public health programming and infrastructure, innovating in science and scholarship to advance public health knowledge, and responding to urgent public health crises — from New York City’s yellow fever outbreak in 1822, to the COVID-19 pandemic — we are a hub for public health innovation, expertise, and programs, and services. We serve as the population health strategist, and policy, and planning authority for the City of New York, while also having a vast impact on national and international public policy, including programs and services focused on food and nutrition, anti-tobacco support, chronic disease prevention, HIV/AIDS treatment, family and child health, environmental health, mental health, and racial and social justice work, among others.

Our Agency’s five strategic priorities, building off a recently-completed strategic planning process emerging from the COVID-19 emergency, are:
1) To re-envision how the Health Department prepares for and responds to health emergencies, with a focus on building a “response-ready” organization, with faster decision-making, transparent public communications, and stronger surveillance and bridges to healthcare systems 2) Address and prevent chronic and diet-related disease, including addressing rising rates of childhood obesity and the impact of diabetes, and transforming our food systems to improve nutrition and enhance access to healthy foods
3) Address the second pandemic of mental illness including: reducing overdose deaths, strengthening our youth mental health systems, and supporting people with serious mental illness
4) Reduce black maternal mortality and make New York a model city for women’s health
5) Mobilize against and combat the health impacts of climate change

Our 7,000-plus team members bring extraordinary diversity to the work of public health. True to our value of equity as a foundational element of all of our work, and a critical foundation to achieving population health impact in New York City, the NYC Health Department has been a leader in recognizing and dismantling racism’s impacts on the health of New Yorkers and beyond. In 2021, the NYC Board of Health declared racism as a public health crisis. With commitment to advance anti-racist public health practices that dismantle systems that perpetuate inequitable power, opportunity and access, the NYC Health Department continues to work in and with communities and community organizations to increase their access to health services and decrease avoidable health outcomes.


The nation’s leading public health agency, The New York City Department of Health and Mental Hygiene (DOHMH) is seeking a Cyber Audit Manager to join DOHMH’s Bureau of Audit Services, the internal audit function for DOHMH. The Cyber Audit Manager will supervise a team of IT audit and data analysis team and will report to the Assistant Commissioner for Audit Service and Medicaid Compliance Officer, who reports to the Chief Operating Officer/Executive Deputy Commissioner. The Bureau of Audit Services plays a leading role in risk-based assessments of the Department’s operational efficiencies, control effectiveness and compliance with federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA), New York State’s Code of Rules and Regulations, New York City’s Administrative and Health codes and Comptroller directives. 


–Develop and implement a technology risk assessment process that is designed to identify, trend, evaluate and report on the top technology and Cyber security vulnerabilities across DOHMH.

–Analyze and evaluate risks and controls relevant to cyber security including, identity and access security, web applications security, mobile applications, data sharing, third-party providers etc. and provide risk reduction recommendations.

–Perform system control audits, general control reviews and integrated audits.

–Assess Department’s compliance with HIPAA Privacy and Security laws, evaluate Department’s Cybersecurity governance, policies and procedures against National Institute of Standards and Technology (NIST), applicable regulatory and citywide standards. Recommend solutions to control weaknesses and to policies and procedures.

–Develop written reports of IT and business risks, control descriptions, findings and recommendations.

–Manager, supervise and mentor the Cyber audit staff and data analysts.

–Maintain on going and open communication with the Department’s IT leadership.

–Validate the implementation of corrective actions.

–Research and stay up to date on Cyber security risk management and relevant audit concepts and methods.

Minimum Qual Requirements

A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

Education and/or experience which is equivalent to “1” above.

Preferred Skills

The preferred candidate should possess the following:
o A baccalaureate degree from an accredited college or university with 24 semester credits in forensic accounting, fraud examination, data analytics, cyber security, information systems management, or information systems related field,
o Professional audit licensure/certification: Certified Public Accountant (CPA), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or Certified Information Systems Security Professional (CISSP) preferred IT quality assurance experience a plus.
o At least 3 to 5 years of experience in planning and conducting IT audits and cybersecurity assessments, and data analytics.
o 2+ years managing information security assessments.
o Strong knowledge of audit processes and ability to review and manage the quality of audit work.
o Experience in auditing applications, interfaces, system infrastructure, data processing and technology general controls.
o Proficient knowledge of enterprise class networks, data center, virtualization, storage, backup, disaster recovery, high availability, encryption, mobile and cloud systems
o Experienced in integrated audits, Systems Development Life Cycle (SDLC)
o Experienced in the application of Control Objectives for Information and Related Technologies (COBIT) framework and NIST
o Highly organized, motivated and self-directed professional.
o Excellent task management, information management, and organizational skills.
o Excellent interpersonal and relationship building skills

Additional Information


Please note:  If you are called for an interview you will be required to bring to your interview copies of original documentation, such as:
• A document that establishes identity for employment eligibility, such as: A Valid U.S. Passport, Permanent Resident Card/Green Card, or Driver’s license. 

• Proof of Education according to the education requirements of the civil service title. 

• Current Resume  

• Proof of Address/NYC Residency dated within the last 60 days, such as: Recent Utility Bill (i.e. Telephone, Cable, Mobile Phone)

Additional documentation may be required to evaluate your qualification as outlined in this posting’s “Minimum Qualification Requirements” section. Examples of additional documentation may be, but not limited to: college transcript, experience verification or professional trade licenses.

If after your interview you are the selected candidate you will be contacted to schedule an on-boarding appointment.   By the time of this appointment you will be asked to produce the originals of the above documents along with your original Social Security card.


As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education’s website at


To Apply

Apply online with a cover letter to  In the Job ID search bar, enter: job ID number # 588053.

We appreciate the interest and thank all applicants who apply, but only those candidates under consideration will be contacted.

The NYC Health Department is committed to recruiting and retaining a diverse and culturally responsive workforce. We strongly encourage people of color, people with disabilities, veterans, women, and lesbian, gay, bisexual, and transgender and gender non-conforming persons to apply.

All applicants will be considered without regard to actual or perceived race, color, national origin, religion, sexual orientation, marital or parental status, disability, sex, gender identity or expression, age, prior record of arrest; or any other basis prohibited by law.

NOTE: This position is open to qualified persons with a disability who are eligible for the 55-a Program. Please indicate in your resume that you would like to be considered for the position under the 55-a Program.

Residency Requirement

New York City Residency is not required for this position