Information Security Engineer

New York Institute of Technology

Old Westbury, NY

Job posting number: #7152050

Posted: June 5, 2023

Application Deadline: Open Until Filled

Job Description

Overview
New York Institute of Technology's six schools and colleges offer undergraduate, graduate, and professional degree programs in in-demand disciplines including computer science, data science, and cybersecurity; biology, health professions, and medicine; architecture and design; engineering; IT and digital technologies; management; and energy and sustainability. A nonprofit, independent, private, and nonsectarian institute of higher education founded in 1955, it welcomes nearly 8,000 students worldwide.


The university has campuses in New York City and Long Island, New York; Jonesboro, Arkansas; and Vancouver, British Columbia, as well as programs around the world. More than 112,000 alumni are part of an engaged network of physicians, architects, scientists, engineers, business leaders, digital artists, and healthcare professionals. Together, the university’s community of doers, makers, healers, and innovators empowers graduates to change the world, solve 21st-century challenges, and reinvent the future.



For more information, visit nyit.edu.



The Information Security Engineer is a trusted resource who identifies information security risks as well as define, implement, and maintain mitigating technical controls. They must ensure compliance with University information security policies and enforce implementation of the University’s security architecture. This includes the auditing and safeguarding of computer systems and data/networking components, oversight of security configuration and monitoring, and application security assessments and vulnerability scans.

Responsibilities
Serve as the University’s Subject Matter Expert (SME) on information security tools, techniques, and processes; assist peers to configure and deploy applications and systems in a secure manner.
Design, implement, and maintain security applications and infrastructure to support University policies as well as federal and state security/data privacy regulations.
Analyze information across systems and networks to identify and respond to potential security incidents and data breaches; participate in incident response and recovery activities as required.
Serve as technical lead on security projects; administer security-related infrastructure and applications such as SIEM tools, vulnerability scanning/management, NGFW, email sanitation tools, MFA, and other security-related infrastructure; suggest, implement, and maintain new technologies as required to support the ever-changing security landscape.
Plan and conduct infrastructure security assessments and vulnerability scans of all layers of the information technology ecosystem including networking, servers, operating systems, databases and applications; analyze findings for system owners.
Participate in external professional organizations that are relevant to the objectives of NYIT’s information security program such as EDUCAUSE, REN-ISAC, SANS, etc; provide reports and presentations on the status of security controls and security industry trends/technologies to ITS management.
Monitor ITS’s business continuity and disaster recovery program and validate against industry best practices; routinely review, test, and improve program.
Collaborate with Information Privacy and Compliance Analyst to conduct information security threat modeling exercises, risk assessments, and workshops.
Collaborate and coordinate with university teams to establish and implement security protocols across the organization
Monitor and advise on information security issues related to applications, information systems, and data assets to ensure internal security controls for the University are appropriate and operating as intended.
Stay abreast of latest security technologies; maintain a strong knowledge base of industry and technology trends that help the support the information security requirements of the University.
Other duties as assigned.
Qualifications


BS in computer science, engineering, or other technical discipline plus a minimum of 4 years of experience working in information technology, security, or risk management. CISSP or equivalent certification is preferred. Comparable success and work experience may be considered in lieu of degree requirement. Experience in a higher education environment preferred.
Strong analytical skills and ability to translate University business needs and information security compliance requirements into supporting enterprise-wide data security standards.
Familiarity and experience with information security standards (e.g., NIST 800-53, ISO 27001/2, etc.), rules and regulations related to information security and data privacy (e.g., MA 201 CMR 17, FERPA, HIPAA, PCI, GDPR etc.); working knowledge of desktop, server, application, database, and network security principles and best practices for risk identification, management, and analysis.
In depth knowledge of vulnerability management and exploit analysis tools, networking technologies, common protocols, services and related security issues required; experience with Data Loss Prevention, Identity Management, IPS/IDS, NGFW, MFA, and SIEM solutions as well as experience documenting technical standards and operational policies required; experience with cloud and data center security also desired.
Demonstrated passion for problem solving; strong project management skills and the proven ability to build trust and work well with all levels of management and technical staff are required.
Able to communicate effectively with people at varying levels of technical fluency including the ability to explain and document complex technical issues in a way that non-technical people may understand; the ability to establish collaborative working relationships at all contact levels of the University; the ability to communicate progress/challenges to appropriate personnel effectively.
A demonstrated understanding of business operations, information technology and data security as it relates to monitoring, maintaining and implementing data security policies, standards, and guidelines.
Team player with excellent consulting skills and a fun, but professional presence required.
Excellent customer service skills; a high degree of integrity relative to data security and confidentiality of information required.
Ability to work nights and weekends on an as-needed basis is required.



Apply Now

Please mention to the employer that you saw this ad on AcademicWomen.com

Job posting number:#7152050
Application Deadline:Open Until Filled
Employer Location:Online Job Advertising
JAX,Florida
United States
More jobs from this employer