ORGANIZATION OVERVIEWUrban Resource Institute (URI) is a dynamic, innovative, and well-respected organization founded in 1980 that transforms the lives of domestic violence survivors and homeless families through safe shelter and comprehensive services; delivers prevention and intervention programs that break cycles of violence and poverty; and actively works for sustainable systemic change. URI is the oldest licensed provider of domestic violence (DV) shelter and services in New York State, and is the largest provider in the United States of DV shelter services, as well as a leading provider of shelter and services for homeless families. URI has a deep commitment to diversity, equity, and inclusion among leadership, staff, and clients at residential and nonresidential sites across New York City.POSITION OVERVIEW At Urban Resource Institute (URI), our success depends on our people, productivity, and procedures. The Cybersecurity Manager oversees all aspects of security including network, systems and applications security. The Manager also discovers possible network weaknesses and develops ways to prevent network or system incidents and breaches. It is the responsibility of Cybersecurity Manager to be aware of potential network vulnerabilities, remain abreast of the techniques cybercriminals use to get into information systems and employ techniques to thwart these attempts. The Cybersecurity Manager carries out his/her duties by organizing and putting security controls across the URI network and information systems. Establishing network security rules and procedures, controlling access to information, and instructing staff members on Cybersecurity Awareness. The Cybersecurity Director regularly check systems for security flaws, develop workable remedies, and deliver reports to management and senior staff. Additional responsibilities include conducting risk assessments, vulnerability testing and creating/updating Cybersecurity policies.Salary: $83,000-$137,000MAJOR DUTIES AND RESPONSIBILITIES
- Analyze and correlate information security events to determine the best course of action for managing an occurrence.
- Assess response strategies to verify their applicability.
- Check and classify potential security occurrences.
- Create operational policies and procedures for IT security Using the data gathered.
- Document information on IT security assaults, threats, risks, and controls.
- Examine security -standards, policies, and practices in light of the threats found and other data gathered.
- Compare URI incident response strategy to recommended practices in the industry.
- Determine the risks and dangers that affect an organization's systems and operations.
- Follow up on how well action plans are tackling information threats.
- Create a quarterly report on the performance of information security based on the findings of the analysis and correlation of information security events.
- Make appropriate improvements that will increase information security performance.
- Inspect the business and security environment to determine current needs.
- Organize review processes according to the organization's security risk management strategy.
- Test incident response plans frequently to verify reaction times and completed processes are satisfactory.
- Conduct frequent Cybersecurity Awareness trainings.
- Monitor completion of the online Cybersecurity course.
- Performing periodic security assessments both internally and externally.
- In charge of the annual Penetration testing both internally and externally.
- Supervise all forensic analysis on corporate digital assets when necessary.
- Responsible for Annual SOX compliance audit, findings and remediation.
- Observing all security operations occurring across the network infrastructure
SPECIFICATIONS FOR EDUCATION/CERTIFICATIONS/LICENSES
- Bachelor's degree in computer science, information technology, or related course.
- Supervisory or managerial experience in any role.
- 5 Years of experience in a cyber or information security role.
- Certification in CISSP, COMPTIA SEC+, CCSP, or other relevant ones.
REQUIRED SKILLS AND EXPERIENCE
- Analytical
- Compliance-related Knowledge
- Collaboration and Communication
- Digital Forensics
- Integrity
- Strategic
- Excellent Management
- Security Framework
At URI we are committed to cultivating an inclusive work environment. We actively seek a diverse candidate pool and encourage candidates of all backgrounds and abilities to apply. At URI we offer equal opportunities to all employees and applicants for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, genetic disposition, neurodiversity, disability, veteran status, or any other protected category under federal, state and local law.