Job Description

The New York City Department of Correction (DOC) is an integral part of the City’s evolving criminal justice system, participating in reform initiatives and strategies. The DOC is responsible for maintaining a safe and secure environment for our employees, visitors, volunteers and people in our custody. Importantly, safe jails enable DOC to provide people in custody with the tools and opportunities they need to successfully re-enter their communities. The DOC operates facilities and court commands across the five boroughs with more than 6,000 incarcerated individuals and 7,500 diverse professionals and knowledgeable experts.

The New York City Department of Correction is currently seeking a dynamic and experienced candidate with proven leadership skills to lead and serve as the Associate Commissioner of Security Operations. Reporting directly to the Deputy Commissioner of Security Operations, the selected individual will be responsible for assisting with leading the agency’s security operation portfolio work in facilities on Rikers Island, borough commands, and hospital prison wards.

• Conduct regular security audits and risk assessments to identify vulnerabilities and ensure compliance with relevant regulations.
• Monitor the agency’s security systems, videos, and networks for potential threats and defects, and promptly investigate and mitigate security incidents.
• Develop and maintain incident response plans, ensuring timely and effective responses to security breaches.
• Assist in providing technical support on correctional security best practices and resolving difficult classification decisions.
• Support the training of staff in security procedures, operations, and methodologies.
• Maintain and update the Department’s security directives in conjunction with the Policy and Procedures unit.
• Establish standards and procedures for the collection of data and information on persons in custody, and use data to make constructive and sensitive decisions.
• Lead proactive security awareness programs and training initiatives to educate employees about best practices and potential threats.
• Help track security-related trends and proactively develop comprehensive security plans.
• Collaborate effectively with the Assistant Chief of Security Operations, Information Technology Division, Correctional Intelligence Bureau, Office of Facility Operations, Division of Strategic Operations and other relevant stakeholders.

Required Qualifications

NA

Preferred Qualifications

NA

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

Job Description Summary

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Company Overview

LOB Overview: Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank's Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.

• An advocate and leader reinforcing the need for restricting permission assignment to users and birthright access application through hands-on support activities.
• Leads the team in providing tool and process support on bundle creation and maintenance.
• Connects with First Line of Defense on product pain points and recommends product and capability improvements.
• Respond to audit and regulatory requests as needed.
• Work closely with Cybersecurity, audit, compliance, legal, and stakeholders to define access policies, user roles, and access control procedures for our diverse technology and lines of business landscape.
• Ensure the team coordinates with Governance services on new or changing controls and executes accordingly.
• Establishes a framework of policies and technologies as it relates to role and attribute-based access controls through collaboration with FLU, Technology, Product, and Architecture. Advises on access model best practices by acting as SME.
• Support the team members by providing technical guidance as well as assist other on-going engagements for resolving critical issues.
• Investigate and troubleshoot complex technical issues, perform root-cause analysis for high severity issues, and provide permanent resolution.
• Work with technology vendors as appropriate to resolve product issues, technology evaluations, and design reviews.
• Meets demands of managing multiple work streams, communicating effectively with senior technology and business leadership, and demonstrate experience leading large and complex projects and global programs.
• Assess and advise on modernizing IAM capabilities and methodologies, including development of strategies, readiness assessment, development of training and communications.
• Operate as an advisor for our distributed IAM teams to help them to elect the best solution for resolving the identified / possible technical issues or security threats in the system / infrastructure.
• Harness familiarity with IT security and risk management practices on risk mitigants.

Required Qualifications:

• 10+ years experience in IAM working on complex projects and programs
• Strong interpersonal and influencing skills
• Excellent organizational skills, able to manage multiple work streams simultaneously and respond to rapidly changing demands
• Demonstrated experience working with frequently-utilized IAM vendor solutions such as SailPoint, Savyint, ForgeRock, Ping, Okta, Varonis, and CyberArk in large enterprises for the purpose of governing security.
• Experience in configuring and deployment of Single Sign On and MFA solutions, IGA solutions, and PAM Solutions
• Hands-on on WAM products and particularly on Ping suite of products (Ping Access, Ping Federate and PingID) and federation concepts

Preferred Qualifications:

• Good knowledge of Web / Application servers (e.g. IIS, WebSphere, WebLogic, JBoss, and Apache etc.)
• Strong technical knowledge of authentication and authorization including Authz and Authn, OIDC, SAML, XACML, LDAP, OAuth, OpenID
• Experience working on various operating systems such as Windows, Linux, Solaris etc.
• Working knowledge on Databases such as MS SQL, Oracle, mySQL
• Good understanding or hands-on experience on JSON, REST and SOAP
• Advanced knowledge of cloud platforms (AWS, Azure, GCP etc.) experience in deploying and managing AM solutions on cloud platforms. AWS is preferred
• Deep knowledge and experience working with technology infrastructure including Windows, Active Directory, LDAP, Unix/Linux, databases, authentication protocols, and containers

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift: 1st shift (United States of America)

Hours Per Week: 40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information

Pay range

$160,000.00 - $185,100.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Summary of This Role

Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting, and Penetration Testing. Manages the development, deployment, and execution of enterprise security controls and defenses. Monitors, analyzes, and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation, and protection processes to safeguard against real-time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.

Company Overview

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid, and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions, and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

• Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software, and applications. Coordinates responses to intrusions and provides remediation guidance and support.
• Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding the applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards, and guidelines to team members.
• Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden, or lost user data.
• Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor, and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
• Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
• Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
• Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment, and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests, and system enhancements.
• Not an exhaustive list; other duties as assigned.

Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically a minimum of 6 years related professional experience and prefers a minimum of 1-2 years experience in a supervisory position.
• One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)

Preferred Qualifications

• Prior Global Payments, payment or technology industry experience is preferred.
• Master's Degree in a related field of study from an accredited university.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.