Application Security Risk Analyst
Job Details
LIC - Central DOHMH - Long Island City, NY
Full Time

The Fund for Public Health in New York City (FPHNYC) is a 501(c)3 non-profit organization that is dedicated to the advancement of the health and well-being of all New Yorkers. To this end, in partnership with the New York City Department of Health and Mental Hygiene (DOHMH), FPHNYC incubates innovative public health initiatives implemented by DOHMH to advance community health throughout the city. It facilitates partnerships, often new and unconventional, between government and the private sector to develop, test, and launch new initiatives. These collaborations speed the execution of demonstration projects, effect expansion of successful pilot programs, and support rapid implementation to meet the public health needs of individuals, families, and communities across New York City.



The Division of Information Technology aims to align technology solutions with the DOHMH mission by prioritizing resource use and deploying innovations that facilitate the agencys day-to-day activities and enhance staff productivity and efficiency. Our goal is to provide users with a reliable, stable, and safe computing environment, through the collaboration of the Bureau of Technology Strategy & Project Management provides business analysis and IT project management services to define and deliver IT solutions that meet all program needs.



The New York City Department of Health and Mental Hygiene (DOHMH) is seeking a qualified individual to fill the Application Security Risk Analyst role. The application security analyst will join a team responsible for security assessments of applications and other software to identify vulnerabilities, threats, and risk. The analyst will lead vulnerability assessments and monitoring services across several applications. They will also develop proactive cybersecurity security strategies and guidance documentation to empower the agency to better protect its data, integrity, and reputation.



  • Collaborate with IT project managers and operational teams to conduct thorough cybersecurity risk assessments to develop appropriate information security plans, procedures, and control techniques.
  • Ensure adequate and appropriate security controls are in place to ensure the agency's digital assets are protected from unauthorized access for both on-premises and off-premises systems.
  • Intake security requests for application deployment, software/hardware use, and changes in access control including the report of exceptions/risk acceptance for further review and remediation.
  • Responsible for generating reports for business and technical managers to evaluate the efficacy of the security controls in place.
  • Continually perform research to strengthen the agencys digital security including programs designed to encrypt/protect data and to prevent future hacks and breaches.
  • Monitor compliance with information security policies and procedures.


  • Bachelors degree in Computer Science, Information technology, or cybersecurity or a related field or gain equivalent experience with relevant industry certifications.
  • 5+ years of prior relevant IT experience.
  • Ability to understand business needs, workflow requirements, and translate these requirements into technical requirement documents.
  • Familiarity with web application development technologies like .NET, JavaScript, AJAX, JSON, HTML5 and CSS.
  • Familiarity with data modeling and relational databases like Oracle, SQL, MySQL, PostgreSQL etc.
  • Knowledge of R, Python, Data Visualization Tools.
  • Experience applying Risk Management frameworks.
  • Familiarity with regulatory compliance and standards requirements.
  • Knowledge of security controls in various commercial solutions as Microsoft, Apple, Google, Cisco, and other enterprise network computing products.
  • Knowledge with Windows platforms and security configurations for Active Directory, Active Directory Federation Services, and LDAP.
  • Strong written and verbal communication skills.




FPHNYC offers a comprehensive benefits package. The salary range for this position is commensurate with experience.



There is potential for this position to transition to DOHMH and therefore candidates must meet DOHMH eligibility requirement including NYC residency.



To apply, send Resume, with Cover Letter, including how your experience relates to this position. We ask that you do not contact our staff directly and no phone inquiries please. Applicants who best match the position needs will be contacted.



The Fund for Public Health in New York City is an Equal Opportunity Employer and encourages a diverse pool of candidates to apply.