Temporary (October 2020 to June 2022)
The Fund for Public Health in New York City, (FPHNYC) is a 501(c)3 non-profit organization that is dedicated to the advancement of the health and well-being of all New Yorkers. To this end, in partnership with the New York City Department of Health and Mental Hygiene (DOHMH), FPHNYC incubates innovative public health initiatives implemented by DOHMH to advance community health throughout the city. It facilitates partnerships, often new and unconventional, between government and the private sector to develop, test, and launch new initiatives. These collaborations speed the execution of demonstration projects, effect expansion of successful pilot programs, and support rapid implementation to meet the public health needs of individuals, families, and communities across New York City.
PROGRAM OVERVIEW (Epidemiology and Laboratory Capacity for Infectious Diseases Grant (ELC))
IT Security, part of the Division of Information Technology, is a team of application, database, systems, network, and cloud security architects and managers responsible for securing the information technology infrastructure in DOHMH. The team is responsible for reviewing business processes, documenting data flows and system communication architecture, identifying vulnerabilities on agency computing hardware and software assets, and other technology infrastructure used to monitor and investigate all infectious diseases reported to DOHMH. This infrastructure is used by the Bureaus in the Division of Disease Control to monitor and analyzes trends in disease data, used for the recognition, prevention and control of infectious diseases.
POSITION OVERVIEW
We are seeking to fill positions in IT Security that will provide key support for the Bureau's work of tracking and investigating COVID-19 in New York City. It is expected that each position will work 35 hours per week.
RESPONSIBILITIES
- Review, maintain, and update the security documentation for the Linux operating system server environments used for R, Python, and COVID-19 Whole Genome Sequencing analysis, based on end user needs
- Provide security review and respond to user requests to provide network connectivity and software installations security for R Studio Server, R Studio Connect, Jupyter Notebook, and gene sequence pipeline software environments used by agency staff to identify and analyze trends in infectious disease using R and Python
- Perform iterative application scans for updated versions of R Studio Server, R Studio Connect, Jupyter Notebook, and whole genome sequencing software until security issues are resolved
- Assist in the identification, documentation, and removal of false positives in application security scans, until new software versions are ready for production use
- Collaborate with security team members and DoITT to produce system security reports and ensure that system scans are configured to produce useful security posture reports, while removing false positives
- Review the set up internal software repositories, perform risk analysis, and document the approval or rejection of software packages that are not in CRAN, Anaconda, or BioConda, so that R and Python users can install packages from pypi, github, python forge, and other sources
- Respond to end user tickets and update R, Python, and whole genome sequencing documentation for connectivity to databases, shared network drives, and Microsoft’s OneDrive from Linux servers that run, R, Python, and whole genome sequencing
- Periodically review the connectivity via standard protocols, such as sftp and https, to ensure that COVID-19 data exchange with external partners such as Healthix, Health and Hospitals, and DoITT is secure
- Ensure that the R, Python, and whole genome sequencing server environments comply with all city, state, and federal security policies and requirements