×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant

Information Systems Auditor; Cybersecurity Analyst

Job in New York, New York County, New York, 10261, USA
Listing for: New York State Department of Health
Full Time position
Listed on 2026-02-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Information Systems Auditor (Cybersecurity Analyst) - 23540
Location: New York

Duties May Include But Are Not Limited To Following Duties Description

  • Assist in developing DOH Cybersecurity Program in alignment with regulatory requirements and industry best practices.
  • Assist in developing DOH cybersecurity Governance, Risk and Compliance (GRC) Initiatives.
  • Assist in developing cybersecurity regulation, policies, standards, and best practices for DOH and DOH’s regulated entities.
  • Serve as an information security expert and evaluate systems and contracts for alignment with agency and State information security policies.
  • Serve as information security expert and advise and provide assistance to DOH programs in cybersecurity related matters.
  • Conduct cybersecurity risk assessments, threat and vulnerability analysis, and perform security testing.
  • Maintain cybersecurity risk register, including reporting and tracking of remediations.
  • Develop communication materials for both technical and non‑technical audiences as directed.
  • Assist in developing cyber incident response plan, procedures and playbooks.
  • Assist in designing, planning, and facilitating cyber security tabletop exercises to foster information‑sharing and enhance cyber awareness with relevant stakeholders.
  • Perform cyber incident response and recovery activities as required and assigned.
  • Administer security awareness training exercises targeted to department staff members and regulated entities on cyber security best practices.
  • Perform other duties as required.
Qualifications

Minimum Qualifications

Non‑Competitive: a bachelor’s degree and three years of IT auditing experience*; or an associate’s degree and five years of IT auditing experience*.

  • IT auditing experience must have been gained in any one or combination of the following: an information system or audit professional with responsibility for designing, developing, and evaluating mainframe and server‑based audit systems; an information system or audit professional with responsibility for designing and programming tests to perform audits of physical and logical access controls of mainframe and server‑based systems; an information system or audit professional with responsibility for data extraction, manipulation and analysis using information from diverse sources, including preparation and presentation of written reports of findings suitable for non‑technical audience;

    and an information system or audit professional with responsibility for supporting an audit group, including developing and maintaining audit systems and identifying and providing data in support of audit activity.
Preferred Qualifications
  • Master’s degree in Cybersecurity, Risk Management, Information Systems, Health Information Management, Computer Science, or a related field.
  • Certification in one or more of the following:
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • (ISC)2 Systems Security Certified Practitioner (SSCP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • CEH:
    Certified Ethical Hacker
  • Ability to work effectively in a team environment - Being highly organized, motivated and a self‑directed professional.
  • Knowledge of hardware, software, data, and network principles and systems related to health or public health sector.
  • Understanding of commonly used computer operating systems, databases, network structures.
  • Familiarity with cybersecurity regulations and framework(s) (HIPAA, HITECH, NIST, PCI, ISO 27001/27002, CIS, OWASP Top 10).
  • Investigative and analytical skills.
  • Excellent oral and written communication skills, including the ability to explain complex technical issues in plain language.
  • Knowledge of the current and evolving cyber threat landscape.
  • Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy.
Additional Comments

This position is being recruited in both New York City and Albany; the position may be filled at either location.

This position may require travel throughout New York State including overnights to areas not served by public transportation.

We offer a work‑life balance and a generous benefits package, worth 65% of salary,…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search