The Office of the Queens County District Attorney (QDA) is seeking an IT DevOps Engineer to be part of its IT team that is responsible for the implementation, administration, and management of a variety of IT infrastructure, application development, Q/A and security projects and initiatives, as well as to research and implement strategic solutions, at the direction of and under the supervision of the Chief Information Technology Officer.  The IT DevOps Engineer will be part of QDA’s IT Department which consists of a staff of 27 and serves an office of over 850 staff.

The IT DevOps Engineer will, at the direction of the CIO, be responsible for the deployment, management and on-going administration and support of a variety of projects and tasks in support of QDA’s overall IT operations, including, but not limited to:

• Analyze current technology utilized within QDA and develop steps and processes to improve and expand upon them
• Establish milestones for necessary contributions from departments and develop processes to facilitate their collaboration
• Assist other department engineers in creating practical demonstrations of proposed solutions and demonstrating them to other members of the team
• Provide detailed specifications for proposed solutions including materials, labor and time necessary
• Provide clear goals for all areas of a project and develop steps to oversee their timely execution
• Work closely with engineering professionals to maintain hardware and software needed for projects to be completed efficiently
• Mentor and train other engineers and seek to continually improve processes
• Work alongside project management teams to successfully monitor progress and implementation of initiatives
• Manage and coordinate operational components of incident management, including detection, response and reporting
• Maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on industry trends and practices, laws and regulations.
• Manage the day-to-day activities of infrastructure and application support, identify risk tolerances, recommend remediation plans, and communicate information about residual risk.
• Lead and participate in operations, outages, and safety meetings
• Support internal applications and systems
• Support various operations status, engineering review and problem boards
• Lead projects and/or supervise personnel, as needed
• Prepare presentations for submission to internal management
• Assist in designing, maintaining, hosting, processing, transforming, and analyzing operational processes

Operational Liaison Responsibilities:

• Liaise and coordinate among the various functional IT teams and management to drive operational goals as required and set forth by the CIO.
• Liaise with external agencies, such as law enforcement and other agencies as necessary, to ensure that internal organizational IT SOPs are supported and maintained across all collaborative efforts.
• Assist resource owners and IT staff in understanding and responding to project and operational incidents, with the ultimate goal of accurate, efficient, effective and timely resolution and service restoration.
• At the direction of the CIO, work as a liaison with vendors and other internal business teams to establish mutually acceptable contracts and service-level agreements (SLA) to standardize and drive service delivery.
• Manage application issues and incidents, and participate in problem and change management forums.
• Ensure timely reporting and adequate participation in investigation for ICT security incidents, with internal business units, partners, vendors, and /or law enforcement agencies, as applicable.
• At the direction of the CIO, work with various stakeholders, in concert with the IT Security Team, to identify information asset owners to classify data and systems as part of a control framework implementation.
• At the direction of the CIO, work with IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and operational progress.

Architectural, Operational and Engineering Support Responsibilities:

• Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software.
• Recommend and coordinate the implementation of technical controls to support and enforce defined IT policies and procedures.
• Research, evaluate, design, test, recommend or plan the implementation of new or updated hardware or software, and analyze its impact on the existing environment and provide technical and managerial expertise for the administration of IT tools.
• Work with the enterprise architecture team to ensure that there is a convergence of business and technical requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
• Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
• In concert with the IT Security Team, coordinate, measure and report on the technical aspects of security management.
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements.
• Coordinate with the IT Security Team to design, coordinate and oversee security-testing procedures to verify the security of systems, networks, and applications; and manage the remediation of identified risks.
• Build and execute unit tests and unit test plans in coordination with functional teams.

Experience and Qualification Requirements:

• A minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
• A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
• Industry Certifications are a plus
• Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT development and operations staff.
• The ability to interact with QDA personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
• Knowledge and understanding of relevant legal and regulatory requirements, such as National Information Assurance Policy, Cloud Security Policy, US legislation etc.
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• A strong understanding of the business impact of security tools, technologies and policies.
• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; excellent understanding of information security concepts, protocols, industry best practices and strategies.
• Experience working with legal, audit and compliance staff is desired but not required.
• Experience developing and maintaining policies, procedures, standards and guidelines.
• Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) and NIST frameworks.
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• An understanding of operating system internals and network protocols.
• Familiarity with the principles of cryptography and cryptanalysis.
• Experience in system technology security testing (vulnerability scanning and penetration testing).
• Familiarity in application technology security testing (white box, black box and code review).

Application Information:

Qualified candidates must have a permanent New York City computer-related civil service title in order to be considered for this position.

Comprehensive benefits package including health insurance, 401K and more.

Salary Range: $90,000 –$125,000

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

To apply, please submit a resume and cover letter via the link below: