Information Security Analyst jobs at New York University - 29 jobs

NAESOC Analyst Xcelerate Solutions is seeking a National Access Elsewhere Security Oversight Center (NAESOC) Analyst to support the Defense Counterintelligence and Security Agency's NAESOC in applying risk-based industrial security operations to protect the defense industrial base. In this role, you will be responsible for identifying risk to cleared facilities and supporting personnel in mitigating security threats, through coordination with industrial security representatives, continuous monitoring, and execution of research and analysis on cleared companies and key management personnel. Come join our award-winning organization and work with some of the most talented and brightest minds in the GovCon industry. Location: Hanover, MD/Hybrid Security Clearance: Secret or Top Secret (Preferred) Responsibilities: Apply knowledge of the NISPOM and DCSA data systems to support data analytics and threat identification and monitoring Provide knowledge and expertise in identification of risk to cleared facilities and personnel Support development of tailored risk mitigation strategies Execute continuous monitoring to assess effectiveness of security programs at cleared facilities Perform facility baselining and monitoring as part of a broader risk-based oversight model; to include research/analysis of business operations and key management personnel Perform security violation processing as a result of reported and unreported security violations Conduct outreach to targeted cleared facilities to support identification of risk and aid in enhancement of risk mitigation strategies Minimum Requirements: 3+ years' experience with security-related data systems such as NISS (prior ISFD and eFCL) and DISS 1+ years' experience supporting or executing Facility Security Officer (FSO) duties 1+ years' experience with risk mitigation methodology 1+ years' experience developing risk mitigation strategies 3+ years' experience identifying risk to industrial security and responding to risk in executing the NISPOM 3+ years' experience planning, organizing, monitoring, and coordinating courses of action 3+ years' experience gathering metrics and analyzing data for trends and resource allocation 3+ years' experience reviewing and providing educational instruction on industrial security topics About Xcelerate Solutions:Founded in 2009 and headquartered in McLean, VA, Xcelerate Solutions (*************************** is one of America's fastest-growing companies. Xcelerate's culture is defined by our diversified workforce of dynamic and versatile professionals, supported with growth and development opportunities that contribute to individual and company growth. This strong commitment to our employees has been recognized by our inclusion on the Washington Business Journal's “50 Best Places to Work” list as well as being a “Great Place to Work” certified company with a 4.6 star, and a 99% CEO approval Glassdoor rating. Come find out why Xcelerate Solutions is one of the DC Metro top employers! Xcelerate Solutions is an Equal Employment Opportunity/Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, age, equal pay, disability, veteran status, sex, sexual orientation, gender identity, genetic information, or expression of another protected characteristic. As part of this commitment to the full inclusion of all qualified individuals, Xcelerate provides reasonable accommodations if needed because of an applicant's or an employee's disability. Pay Transparency Notice: Xcelerate Solutions will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

**UW MEDICINE IT SERVICES** has an outstanding job opportunity for an **IAM Epic Security Analyst 1** . **WORK SCHEDULE** + 100% FTE - 40 hours per week + Day Shift - UW MEDICINE ITS SERVICES CORE HOURS ARE 08:00 - 17:00 (PST), Monday-Friday **DEPARTMENT DESCRIPTION** **UW Medicine IT Services (ITS)** is a shared services organization that supports all of UW Medicine. UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake Campus (UWMC-Montlake), UW Medical Center-Northwest Campus (UWMC-NW), UW Medicine Primary Care (UWMPC), UW Physicians (UWP), UW School of Medicine (SOM), and Airlift Northwest (ALNW). ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission. **POSITION HIGHLIGHTS** + 100% remote opportunity + 15 days of vacation your first year - Also, 12 days of sick time, 1 personal holiday, and 11 paid holidays each year + 100% matching, 100% immediately vesting 403(b) **PRIMARY JOB RESPONSIBILITIES** + Using business and data analysis to independently troubleshoot and resolve complex Epic security related issues + Performing user provisioning, integrations, audits, and other daily operations of the Epic Security team + Ensuring compliance with HIPAA, other regulatory requirements, policies, and procedures are met + Identifying risks and collaborating with Epic Security team on resolution and with ITS Leadership on recommendations for risk mitigation enhancements + Managing on-going security roles and controls for Epic and interconnected applications, including: + Development, implementation, and maintenance + Collaborating with Epic application teams to create, monitor, and maintain operational configurations of Epic security for efficient and appropriate operations + Managing access and authorization activities across the identity lifecycle + Performing independent application testing, including: + Independent activities for Epic security build, testing, and record creation processes + Making appropriate access decisions in conjunction with application coordinators/analyst and operations + Identifying and analyzing customer system requirements for continuous improvements + Maintaining knowledge of vendor application architecture as it relates to the UW Medicine's systems environment as well as any new or modified vendor solutions that could benefit our organization **REQUIREMENTS** + Bachelor's degree in Computer Science, Information Technology, Business Administration, or related field or equivalent education and/or experience. + **2+ years of experience to include:** + 2+ years of IT experience with demonstrated experience in systems analysis, administration, or support; preferably on mission-critical clinical information systems + Demonstrated experience working with Epic or comparable EHR system + Demonstrated experience independently gathering requirements for the creation of new or changes to existing roles in a healthcare application + Demonstrated experience with database management, programming, or access + Demonstrated experience independently creating and managing end user workflows **ABOUT UW MEDICINE - WHERE YOUR IMPACT GOES FURTHER** UW Medicine is Washington's only health system that includes a top-rated medical school and an internationally recognized research center. UW Medicine's mission is to improve the health of the public by advancing medical knowledge, providing outstanding primary and specialty care to the people of the region, and preparing tomorrow's physicians, scientists and other health professionals. All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student and colleague is valued and honored. Nearly 29,000 healthcare professionals, researchers, and educators work in the UW Medicine family of organizations that includes: Harborview Medical Center, UW Medical Center - Montlake, UW Medical Center - Northwest, UW Medicine Primary Care, UW Physicians, UW School of Medicine, and Airlift Northwest. Become part of our team (******************************** . Join our mission to make life healthier for everyone in our community. **Compensation, Benefits and Position Details** **Pay Range Minimum:** $75,000.00 annual **Pay Range Maximum:** $100,008.00 annual **Other Compensation:** - **Benefits:** For information about benefits for this position, visit ****************************************************** **Shift:** First Shift (United States of America) **Temporary or Regular?** This is a regular position **FTE (Full-Time Equivalent):** 100.00% **Union/Bargaining Unit:** Not Applicable **About the UW** Working at the University of Washington provides a unique opportunity to change lives - on our campuses, in our state and around the world. UW employees bring their boundless energy, creative problem-solving skills and dedication to building stronger minds and a healthier world. In return, they enjoy outstanding benefits, opportunities for professional growth and the chance to work in an environment known for its diversity, intellectual excitement, artistic pursuits and natural beauty. **Our Commitment** The University of Washington is committed to fostering an inclusive, respectful and welcoming community for all. As an equal opportunity employer, the University considers applicants for employment without regard to race, color, creed, religion, national origin, citizenship, sex, pregnancy, age, marital status, sexual orientation, gender identity or expression, genetic information, disability, or veteran status consistent with UW Executive Order No. 81 (*********************************************************************************************************************** . To request disability accommodation in the application process, contact the Disability Services Office at ************ or ********** . Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law (********************************************************* . University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, religion, color, national origin, sexual orientation, gender identity, sex, age, protected veteran or disabled status, or genetic information.

Who We Are: The Association of American Medical Colleges is a not-for-profit association dedicated to transforming health care by supporting the entire spectrum of medical education, medical research, and patient care conducted by our member institutions. We are dedicated to the communities we serve and steadfast in our goal to improve the health of all. At the AAMC, we are committed to supporting our employees with a comprehensive benefits package designed to promote well-being, professional growth, and work-life balance. Highlights include: Remote Work - Fully remote work available for most positions Retirement Savings - Generous 403(b) employer contributions and financial wellness resources, including professional financial advising. Health & Wellness Perks - Fitness and bicycle subsidies, on-site and virtual wellness programs (live yoga, meditation, mental health webinars, flu shot clinics, and more) Support & Family Care - Employer paid Employee Assistance Program (EAP) and back-up care options for children, adults, elders, and even pets Additional information can be found on our website. Why us, why now? The Security Architect leads the design and oversight of enterprise security architecture to protect organizational data, infrastructure, and member information. This role ensures security principles, best practices, controls, and frameworks are embedded into business systems, cloud services, and infrastructure in alignment with regulatory, compliance, and organizational requirements. It provides strategic leadership over data security architecture, including data classification, data protection controls, secure data flows, encryption, tokenization, masking, and access governance across the enterprise. This is a hands-on role that performs direct engineering activities across cloud and security platforms, including the implementation of cloud-native security controls, secure configuration of AWS and SaaS services, hardening of identity and access models (including role-based access controls (RBAC) and least privilege), and deployment of automated guardrails and security tooling. The position also conducts hands-on testing, validation, and tuning of cloud security services such as Cloud Security Posture Management, Cloud Infrastructure Entitlement Management, Cloud Workload Protection Platform, logging pipelines, and security detections. The role also converts best practices into formal security policies and standards. The Security Architect acts as a strategic partner and trusted advisor to IT leadership, providing guidance that balances security, compliance, and operational priorities by understanding problems or opportunities and delivering value-add solutions. This includes advising on the secure design of data repositories, analytics platforms, and integrations to ensure confidentiality, integrity, availability, lifecycle protection, and appropriate handling of sensitive information across both on-premises and cloud environments. How will you make an impact? Design and oversee enterprise security architecture : Lead the development and enforcement of security principles, best practices, and frameworks across business systems, cloud services, and infrastructure. Ensure alignment with regulatory, compliance, and organizational requirements. Data security leadership and implementation : Lead initiatives for data classification, encryption, tokenization, and access governance. Advise on secure design and handling of sensitive information across enterprise, including analytics platforms and integrations. Ability to map security requirements to the data lifecycle Hands-on cloud security engineering: Implement cloud-native security controls and harden configurations in AWS, Azure, and third-party SaaS platforms. Deploy automated guardrails, security tooling, infrastructure as code, and logging/monitoring pipelines. Conduct hands-on testing, validation, and tuning of cloud security services (CSPM, CIEM, CWPP, etc.). Threat modeling, risk assessment, and control validation : Conduct threat modeling to identify potential risks across systems and cloud environments. Assess risks, vulnerabilities, and controls; recommend remediation strategies for enterprise and cloud environments. Policy, standard, and framework development : Convert best practices into formal security policies, standards, and guidance documents. Ensure policies support both operational needs and compliance requirements. Cross-functional collaboration with Data Governance & Privacy In support of data and records retention policies, knowledge of retention schedules and defensible deletion practices. Understanding of secure archival and approved destruction methods. Risk Register : Maintain and oversee the security risk register, ensuring risks are continuously reviewed for priority, accurately documented, assessed, and updated. Strategic advisory and collaboration: Act as a trusted advisor to IT leadership, providing guidance that balances security, compliance, and operational priorities Understand business problems or opportunities and recommend value-add security solutions. Understanding of data-sharing agreements and secure data exchange protocols. What will you bring to the role? Required Qualifications: Required: Bachelor's degree in Computer Science, Information Security, or related field; or equivalent work experience. Preferred: Master's degree in Computer Science, Information Security, or related field; or equivalent work experience. 8-10 years of related work experience Experience in security architecture, engineering, or related security disciplines. Ability to help drive security strategy alignment Ability to innovate and instigate change to manage organizational security architecture through threat assessment, management and standards implementation Ability to be the senior specialist responsible for a strategic security architecture that focuses on organizational risk management, technical security architecture and data governance. Ability to report on security risks and assume the role of champion for security architecture strategy Ability to effectively collaborate across teams and develop a sphere of influence. Preferred Qualifications: Strong knowledge of security frameworks (e.g., NIST CSF, AWS FSBP, TOGAF) Certifications: Professional certifications such as CISSP, CISM, CCSP, or equivalent. Remote Work Eligibility This position is eligible for remote work in the contiguous US Compensation Grade Range $127,500.00-$150,000.00 Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors may include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, as well as internal equity, market, and business considerations. If a bachelor's degree is required, related work experience may be substituted in some positions. One year of college course work at an accredited institution is equivalent to one year of related work experience. The Association of American Medical Colleges (AAMC) is an Equal Opportunity/Affirmative Action Employer. The AAMC is committed to the policy of an equal employment opportunity in recruitment, hiring, career advancement, and all other personnel practices. The AAMC will not discriminate on the basis of race, color, sex, national origin, religion, age, marital status, personal appearance, sexual orientation, gender identity or expression, family responsibilities, matriculation, political affiliation, genetic information, disability, past or current military service, or any other legally protected characteristic. Please attach a resume as part of the application process. It is important that files DO NOT include periods ( . ) within the file name. BROWSER REQUIREMENTS: Applications must be submitted using Chrome, Mozilla Firefox, Safari, or Microsoft Edge.

Who We Are: The Association of American Medical Colleges is a not-for-profit association dedicated to transforming health care by supporting the entire spectrum of medical education, medical research, and patient care conducted by our member institutions. We are dedicated to the communities we serve and steadfast in our goal to improve the health of all. At the AAMC, we are committed to supporting our employees with a comprehensive benefits package designed to promote well-being, professional growth, and work-life balance. Highlights include: * Remote Work - Fully remote work available for most positions * Retirement Savings - Generous 403(b) employer contributions and financial wellness resources, including professional financial advising. * Health & Wellness Perks - Fitness and bicycle subsidies, on-site and virtual wellness programs (live yoga, meditation, mental health webinars, flu shot clinics, and more) * Support & Family Care - Employer paid Employee Assistance Program (EAP) and back-up care options for children, adults, elders, and even pets Additional information can be found on our website. Why us, why now? The Security Architect leads the design and oversight of enterprise security architecture to protect organizational data, infrastructure, and member information. This role ensures security principles, best practices, controls, and frameworks are embedded into business systems, cloud services, and infrastructure in alignment with regulatory, compliance, and organizational requirements. It provides strategic leadership over data security architecture, including data classification, data protection controls, secure data flows, encryption, tokenization, masking, and access governance across the enterprise. This is a hands-on role that performs direct engineering activities across cloud and security platforms, including the implementation of cloud-native security controls, secure configuration of AWS and SaaS services, hardening of identity and access models (including role-based access controls (RBAC) and least privilege), and deployment of automated guardrails and security tooling. The position also conducts hands-on testing, validation, and tuning of cloud security services such as Cloud Security Posture Management, Cloud Infrastructure Entitlement Management, Cloud Workload Protection Platform, logging pipelines, and security detections. The role also converts best practices into formal security policies and standards. The Security Architect acts as a strategic partner and trusted advisor to IT leadership, providing guidance that balances security, compliance, and operational priorities by understanding problems or opportunities and delivering value-add solutions. This includes advising on the secure design of data repositories, analytics platforms, and integrations to ensure confidentiality, integrity, availability, lifecycle protection, and appropriate handling of sensitive information across both on-premises and cloud environments. How will you make an impact? Design and oversee enterprise security architecture: * Lead the development and enforcement of security principles, best practices, and frameworks across business systems, cloud services, and infrastructure. * Ensure alignment with regulatory, compliance, and organizational requirements. Data security leadership and implementation: * Lead initiatives for data classification, encryption, tokenization, and access governance. * Advise on secure design and handling of sensitive information across enterprise, including analytics platforms and integrations. * Ability to map security requirements to the data lifecycle Hands-on cloud security engineering: * Implement cloud-native security controls and harden configurations in AWS, Azure, and third-party SaaS platforms. * Deploy automated guardrails, security tooling, infrastructure as code, and logging/monitoring pipelines. * Conduct hands-on testing, validation, and tuning of cloud security services (CSPM, CIEM, CWPP, etc.). Threat modeling, risk assessment, and control validation: * Conduct threat modeling to identify potential risks across systems and cloud environments. * Assess risks, vulnerabilities, and controls; recommend remediation strategies for enterprise and cloud environments. Policy, standard, and framework development: * Convert best practices into formal security policies, standards, and guidance documents. * Ensure policies support both operational needs and compliance requirements. * Cross-functional collaboration with Data Governance & Privacy * In support of data and records retention policies, knowledge of retention schedules and defensible deletion practices. * Understanding of secure archival and approved destruction methods. Risk Register: * Maintain and oversee the security risk register, ensuring risks are continuously reviewed for priority, accurately documented, assessed, and updated. Strategic advisory and collaboration: * Act as a trusted advisor to IT leadership, providing guidance that balances security, compliance, and operational priorities * Understand business problems or opportunities and recommend value-add security solutions. * Understanding of data-sharing agreements and secure data exchange protocols. What will you bring to the role? Required Qualifications: * Required: Bachelor's degree in Computer Science, Information Security, or related field; or equivalent work experience. * Preferred: Master's degree in Computer Science, Information Security, or related field; or equivalent work experience. * 8-10 years of related work experience * Experience in security architecture, engineering, or related security disciplines. * Ability to help drive security strategy alignment * Ability to innovate and instigate change to manage organizational security architecture through threat assessment, management and standards implementation * Ability to be the senior specialist responsible for a strategic security architecture that focuses on organizational risk management, technical security architecture and data governance. * Ability to report on security risks and assume the role of champion for security architecture strategy * Ability to effectively collaborate across teams and develop a sphere of influence. Preferred Qualifications: * Strong knowledge of security frameworks (e.g., NIST CSF, AWS FSBP, TOGAF) * Certifications: Professional certifications such as CISSP, CISM, CCSP, or equivalent. Remote Work Eligibility This position is eligible for remote work in the contiguous US Compensation Grade Range $127,500.00-$150,000.00 Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors may include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, as well as internal equity, market, and business considerations. If a bachelor's degree is required, related work experience may be substituted in some positions. One year of college course work at an accredited institution is equivalent to one year of related work experience. The Association of American Medical Colleges (AAMC) is an Equal Opportunity/Affirmative Action Employer. The AAMC is committed to the policy of an equal employment opportunity in recruitment, hiring, career advancement, and all other personnel practices. The AAMC will not discriminate on the basis of race, color, sex, national origin, religion, age, marital status, personal appearance, sexual orientation, gender identity or expression, family responsibilities, matriculation, political affiliation, genetic information, disability, past or current military service, or any other legally protected characteristic. Please attach a resume as part of the application process. It is important that files DO NOT include periods ( . ) within the file name. BROWSER REQUIREMENTS: Applications must be submitted using Chrome, Mozilla Firefox, Safari, or Microsoft Edge.

Join a world-class academic healthcare system, UChicago Medicine, as a Senior Information Security Engineer in our Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area. This role will be that of a Senior Information Security Engineer. This person will lead our effort in enhancing and maturing our defensible architecture across our network and Cloud solutions. Besides the network related tasks, this role will also assist Incident Response as needed and will require solid written skills to document improvement to processes and procedures. This role will also be primarily responsible for the creation of Standard Operating Procedures for our SOC operations related to all Network Security solutions implemented by you. Under general direction of Information Security leadership, implement and operate security controls to minimize risk to physical and logical assets of the University of Chicago Medical Center and to ensure the confidentiality and integrity of UCMC sensitive information. The Information Security Engineer will assist with the core security activities of UCMC and lead many enhancement projects. This includes but is not limited to design and implementation of enterprise network security systems, security operations, threat analysis, log and event management, and network monitoring. Essential Job Functions Design, deploy, and manage security solutions within Cloud environments(Azure experience preferred). Assist other security engineering and consulting needs as they arise. Implement cloud security controls and monitor compliance frameworks (Azure Security Center, Azure Policy, etc.). Collaborate with development, operations, and compliance teams to achieve security goals. Document security processes and procedures for all Cloud related monitoring and response personnel. Develop project plans and manage project teams for security related projects. Provide communications, including status reporting, risk management, escalation of issues, and in general, making sure the project is delivered on budget, on schedule, and within scope. Other duties as assigned. Required Qualifications BS or BA degree in Computer Science or other IT related field, or combination of education and work experience 8 years of Information Security experience , preferably at least 3 years in a Senior or Lead Engineering role Minimum 5 years' experience in cloud security engineering, focusing on Microsoft Azure. 5 years' experience maintaining and designing Defense-in-Depth strategies for complex network architectures Solid understanding of threat modeling, risk assessment, and Cloud Security best practices In-depth knowledge of network routing and defensible architectures in Cloud environments, such as Azure, AWS or Google Cloud In-depth knowledge of computing systems, data network communications, and network architecture Effective written and verbal communication skills Good working knowledge of the Plan, Build, Run model within an IT environment Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed Expert understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies (OSI Layers 5-7) Good knowledge of Windows and Linux Operating Systems Good knowledge of vulnerability management, risk analysis, and forensics preferred Experience with HIPAA, NIST, FERPA, and SOX preferred Position Details Job Type/FTE: Full-time Shift: Days Location: Remote Department: Information Security CBA Code: Non-Union Why Join Us We've been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We're in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you'd like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we're doing work that really matters. Join us. Bring your passion. UChicago Medicine is growing; discover how you can be a part of this pursuit of excellence at: UChicago Medicine Career Opportunities UChicago Medicine is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, ethnicity, ancestry, sex, sexual orientation, gender identity, marital status, civil union status, parental status, religion, national origin, age, disability, veteran status and other legally protected characteristics. As a condition of employment, all employees are required to complete a pre-employment physical, background check, drug screening, and comply with the flu vaccination requirements prior to hire. Medical and religious exemptions will be considered for flu vaccination consistent with applicable law. Compensation & Benefits Overview UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position. The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union. Review the full complement of benefit options for eligible roles at Benefits - UChicago Medicine .

Job Posting: ) (Open) Department: Technology Security, JM Non-Regular Fixed Term (Fixed Term) Responsible for providing security and risk analysis of engineering solutions, to include technical solution development, testing, implementation, and integration. Responsibilities: Performs technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations and recommends mitigation strategies. Assists in the development, implementation, updating of security policies and monitoring of IT security procedures; validates and verifies system security requirement definitions and analysis. Coordinates Enterprise Application Security with Functional Data Stewards to ensure access verification and authorization requirements are monitored and approved. Maintains Enterprise Application Security Business processes and works with Senior IA staff in workflow management of security and access requests and approval. Integrates IA, security systems and system components including those for networking, computing, and enclave environments. Ensures IA best practices are integrated into systems and operational environments; assists in the identification and implementation of appropriate information security functionality. Interfaces with IT and non-IT personnel to resolve security related issues; assesses and mitigates system security threats/risks throughout the program life cycle. Performs security, analyses and risk, vulnerability assessments; supports the handling, reporting, recording, and resolution of campus-wide security incidents. Ensures security is embedded via processes and systems throughout the university by working with various university departments; other duties as assigned. Minimum Qualifications: Minimum two (2) years of experience in information security or other related field. Preferred Qualifications: Bachelor's Degree in Information Technology, Information systems, or related field preferred. Conditions of Employment: Potential on-call hours. Potential remote work opportunities. Non-Union Position. Additional Job Information: Bowie State University shall not discriminate against any individual on the basis of race, color, religion, age, ancestry or national origin, sex, sexual orientation, disability, marital status or veteran status. All policies, programs, and activities of Bowie State University are and shall be in conformity with all pertinent Federal and state laws of nondiscrimination including, but not limited to: Title VII of the Civil Rights Act of 1964, as amended, Title IX of the Education Amendments of 1972, the Equal Pay Act of 1963, the Age Discrimination Act, Sections 503 and 504 of the Rehabilitation Act of 1973, the Americans with Disabilities Act of 1990, Federal Executive Order No. 11375, and Article 49B of the Annotated Code of Maryland. This commitment applies in all areas and embraces faculty, staff, and students. Equal opportunity of access to academic and related programs shall be extended to all persons. Bowie State University shall have as its firm objective equal opportunity in recruitment and hiring, rate of pay, all other promotions, training, retention and dismissals, for all employees and applicants for employment. The University will stress equal access for employees and applicants for employment to all programs and services provided by the University both on and off campus. The University will also provide equal opportunity and an atmosphere of nondiscrimination with respect to women and members of minority groups in all its operations. In addition, the University shall promote equal opportunity and equal treatment through a positive and continuing Affirmative Action Program. The University makes, and will continue to make, reasonable accommodations to promote the employment of qualified individuals with disabilities and disabled veterans, unless such accommodations would impose an undue hardship on the University's business. In addition, employees and applicants will not be subjected to harassment, intimidation, threats, coercion, or discrimination because they have engaged in, or may have engaged in, activities such as filing a complaint, assisting or participating in an investigation, compliance review or hearing, or opposing any act or practice made unlawful, or exercising any other right protected by Section 503 of the Rehabilitation Act of 1973, as amended or the Vietnam Era Veterans Readjustment Assistance Act of 1974, as amended.

Lifeway is seeking a Senior Security Engineer | Detection & Response who plans and carries out security measures to monitor and protect sensitive data, networks and systems from infiltration and cyber-attacks. This role is responsible for the design, implementation, and support of a variety of complex projects supporting the SOC and security engineering functions. This role is a critical escalation point for Security Detection and has technical responsibility for the managed SOC and security engineering including the documentation of processes, procedures, and technical solutions. Why Lifeway? Lifeway is a place where you can bring your faith and work experience to join in the most important mission in the world: making disciples of Jesus Christ. Whether you're a creator or storyteller, data guru or problem-solver, or anywhere in between, if you're passionate about serving the church, we have a place for you. Lifeway has a strong Work from Anywhere (WFA) culture that is deeply focused on our mission and values. While headquartered in Nashville, TN, many of our positions are remote-eligible and have autonomy and flexibility with work hours. We provide equipment and resources to ensure team members have access to a productive and ergonomic workspace. We believe building relationships and community is essential to how we work together, so Lifeway hosts all-team meetings several times per year and provides travel for key team gatherings for remote-based team members. Full-time employees are eligible for enrollment in our comprehensive benefits plans including healthcare, vacation and sick time, holiday pay, care days, 401(k) plan, maternity and paternity leave, adoption assistance, mission trip time, and more. If this sounds like a place where you would be excited to serve the kingdom of God, we would love for you to join our team. Learn more about our culture at team.lifeway.com/culture-code This is a remote position in the U.S. with occasional travel to Nashville for in-person team gatherings. #LI-Remote Responsibilities Lives out Lifeway's mission and values, showing deep commitment to Kingdom work Plan, Design, build, implement, and administers security systems and processes within a modern cloud computing environment Designs cloud security solutions to ensure adequate protection, detection and response of the environment Cultivate and manage relationships with 3rd parties (Managed detection & response providers, partners, vendors), and other associated entities to ensure coverage of risks and agreements to performance Partners cross functionally for security monitoring and incident response Ensures information security practices are compliant with PCI and other standards and regulations Leverage frameworks and threat modeling to help identify needs and drive maturity Build and leverage metrics & processes to ensure operational excellence and resolve technical problems Qualifications Education Bachelor's degree in computer science, cybersecurity, information technology, or related degree, required Master's degree, not required Advanced graduate degree (PhD, etc), not required Skills, Knowledge, & Experiences, required Expert knowledge of cloud security solutions, anti-malware solutions, intrusion prevention, and web content filtering Experience with cloud architecture and coding (AWS, GCP, Azure) Expert knowledge of risk assessment tools, technologies, and methods Strong knowledge of coding, technologies and methods Strong ability to develop and execute incident response plans, identify root cause, and drive mitigations to prevent future occurrences Strong ability to enumerate and address security control gaps, abnormal behavior patterns and attack techniques in cloud environments Knowledge of applicable regulations and frameworks including PCI, NIST-CSF and MITRE ATT&C Actively involved in an evangelical Christian church Skills, Knowledge, & Experiences, preferred CISSP, GIAC, CCSK, CCSP certifications Familiarity with AWS Organizations Service Control Policies (SCP), Resource Control Policies (RCP), and Declarative Policies. Familiarity with infrastructure-as-code (Terraform, CloudFormation), Containers and Serverless functions. (2+ years)

Fiscal Year 2025-2026 Position Title Information Security Operations Analyst Classification Title Senior Programmer-Analyst Department Security Posting Number P250273 Posting Link ********************************************* Employer State Position Type Professional Appointment Term Term Salary Grade SL4 Posting Detail Information Position Summary The Information Security Office is looking for an Information Security Operations Analyst. The focus of this position is to ensure that the Incident Response/Analysis, Playbook Creation and Automation, and Project Management aspects of in the Information Security Office are running in consistent, professional, and progressive manners. This requires much documentation, detection and analysis, logistical coordination for mitigation, discussions with IT/other stakeholders and SMEs, and diligent and consistent follow-up. This is a campus-based position with the possibility of hybrid work. In this position you will: * Monitor security alerts and coordinate responses to cybersecurity incidents. * Analyze malicious activities and assess impact on university systems. * Identify vulnerabilities and recommend remediation strategies. * Develop and maintain security playbooks for incident handling, including scripting and automation response development. * Conduct threat intelligence research to enhance security defenses. * Work closely with IT teams and external partners during incident resolution. * Prepare detailed reports and documentation of security events. * Conduct post-incident reviews and recommend improvements. * Provide training and guidance on cybersecurity best practices. * Assist in the development of security policies and procedures. * Stay updated on the latest cybersecurity trends and technologies. Additional Information: It is a great time to join UB Information Technology (UBIT)! Our staff are highly skilled and motivated to succeed and have cutting-edge training and technical resources at their disposal. For more information about UBIT visit our website. All the duties and responsibilities listed above continue to occur in a 24×7 environment, therefore, working extended hours, holidays, or varied hours may be required. Learn More: * Our benefits, where we prioritize your well-being and success to enhance every aspect of your life * Being part of the University at Buffalo community University at Buffalo is an affirmative action/equal opportunity employer and, in keeping with our commitment, welcomes all to apply including veterans and individuals with disabilities. Minimum Qualifications * Bachelor's degree cybersecurity, computer science, information technology, or a related field with 3 years of experience in information security response with 1 year of experience specifically in information security principles. Equivalent combination of education and experience will be considered. * Strong understanding of security tools, SIEMs, incident response techniques, and project management experience. * Proven experience in incident response, digital or physical forensics, and cybersecurity operations. * Knowledge of regulatory compliance and security frameworks (NIST, ISO, CIS, etc.). * Applicants must be authorized to work in the United States on a full-time basis without visa sponsorship. Preferred Qualifications * Security certifications, such as: Security+, CC, CEH, etc. * Experience with cloud security and network security monitoring. Experience with firewalls, intrusion detection systems (IDS/IPS), SIEM, encryption tools, and vulnerability management tools. * Familiarity with programming or scripting for automation (Python, PowerShell, KQL, etc.) Physical Demands Salary Range $75,000-$100,000 Additional Salary Information The salary range reflects our good faith and reasonable estimate of the possible compensation at the time of posting, the role and associated responsibilities, and the experience, education, and training of the selected candidate. Job Type Full-Time Campus All Campuses Posting Alerts Special Instructions Summary Additional Information Is a background check required for this posting? No Background Check Notification Contact Information Contact's Name Kristin Benoodt Contact's Pronouns Contact's Title Assistant Director, Cyber Security Contact's Email ******************** Contact's Phone ************ Posting Dates Posted 12/17/2025 Deadline for Internal Applicants 12/31/2025 Deadline for External Applicants 01/15/2026 Date to be filled 03/12/2026 References Number of References Required 3 Reference Cutoff Date Instructions to Applicant By providing the names and e-mail addresses of my references, I hereby authorize either Human Resources or the applicable hiring department to contact my references via e-mail to request a reference letter on my behalf.

* Job Type: Officer of Administration * Bargaining Unit: * Regular/Temporary: Regular * End Date if Temporary: * Hours Per Week: 35 * Standard Work Schedule: * Building: * Salary Range: $140,0000 - $149,672 The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to departmental budgets, qualifications, experience, education, licenses, specialty, and training. The above hiring range represents the University's good faith and reasonable estimate of the range of possible compensation at the time of posting. Position Summary The Cloud Security Engineer will report to the Chief Information Security Officer. This security engineer will conduct reviews of complex information systems, platforms, and processes in accordance with established regulations and organizational standards. This candidate will be the lead Information Security principal responsible for ensuring that cloud infrastructure and applications are deployed with the highest level of security safeguarding CUIMC's vital cloud and mixed infrastructure environment. They will also assist with IT security operational tasks, incident response, deployment of managed systems, and drive process improvements through the effective use of deployed systems, especially between Security Operations and Information Security Risk Assessment, Networking, IT Help Desk, IT Stakeholders, and other business process owners. Responsibilities * ESSENTIAL FUNCTIONS * Coordinating and leading Cloud security analysis, investigations, and application deployments. 60% * Process improvement through the effective use of deployed systems MCAS, AWS Config, SEIM's, DLP. 20% * Support and engage Information Security Operations engineers on projects and security initiatives. 10% * Additional duties as assigned. 10% * Document and define baseline configurations necessary to ensure that cloud applications are instantiated with appropriate security standards in place. * Propose adequate authentication protocols, processes and components to support secure cloud application access. * Support security design and architecture by identifying and communicating complex cloud application design principles to relevant stakeholders. * Perform in-depth reviews to identify security gaps and validate overall security posture of third-party cloud applications. * Evaluate and propose add-on components essential to address cloud security requirements for institutional and regulatory compliance. * Identify security requirements for adequate logging and SecOps monitoring of cloud tools to support event alerting and metrics delivery for security improvements. * Create/develop in-house security tools to support automated compliance checking of cloud app security environments. * Lead and support as necessary investigations of cloud related security incidents. * Deploy and manage secure Cloud working environments for ISO operations. * Perform other related duties and responsibilities as assigned/requested. Minimum Qualifications * Bachelors Degree or equivalent in education and experience, plus four years of experience. Preferred Qualifications * Strong foundational knowledge of GCP, AWS, and Azure security principles and components, including SaaS, PaaS, IaaS infrastructures. * Strong knowledge and operational understanding of cloud security components such as CASB, cloud configuration templates, cloud resource monitoring, cloud access and authorization (SAML, OATH etc.). * Considerable exposure to cloud security frameworks, including cloud container security and application containerization. * Proficiency in programming and/or scripting, with particular emphasis on cloud-based languages (Python, .NET, Node.JS, Golang, Ruby, etc.). * Demonstrated experience with the capabilities and APIs of multiple major cloud providers (AWS, Google, Azure) * Ability to evaluate cloud security risks and recommend appropriate security controls. * Demonstrated experience in securing enterprise systems with a mix of cloud and on-prem environments. * Strong Knowledge of both network and system-level vectors of cloud-based attacks. * Proficiency in determining the root cause of security issues and a solid understanding of exploits and vulnerabilities. * Familiarity with web application security vulnerabilities, such as XSS, SQLi, CSRFs. * Good understanding of Microsoft enterprise environments and integration to secure applications and cloud systems. * Extensive experience in applying appropriate security principles in a dynamic environment that prevents unauthorized access to the network or parts of the network. * Knowledge of cryptography as it relates to application and network security. * Ability to prepare both executive and detailed reports on risk findings and status. Ability to develop remediation plans and guide departments with remediation strategy. Strong service commitment, and verbal, writing, and reporting skills. * High level of integrity, and sound judgment concerning security and privacy. * Good written and verbal communication skills. * Ability to understand and work with healthcare professionals, educators, researchers, students, and administrative staff. * Ability to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents. * Strong background information security practices with significant experience in a complex, multiplatform, higher education or healthcare IT environment. Other Requirements * Professional Cloud Security and Design training (CCSP, CCSK, PCSE). * Experience working in a HIPAA/HITECH/OMNIBUS-regulated environment. Functional knowledge of the HITRUST CSF based on practical working experiences and a functional knowledge of security standards such as HIPAA/HITECH, PCI-DSS, ISO 27001/2, NIST * Experience working in an academic medical center or hospital environment a plus. * Project planning or team lead experience. * GIAC Cloud certification (GCLD, GWEB, GPCS, GCSA, GCPN), any cloud platform certification (AWS, GCP, Google). Equal Opportunity Employer / Disability / Veteran Columbia University is committed to the hiring of qualified local residents.

Required Qualifications A Bachelor's degree and three (3) years professional experience OR a combination of education and experience totaling seven (7) years from which comparable knowledge and abilities are acquired. Preferred Qualifications Experience developing operational information security procedures and technical training materials. Demonstrated experience with working within formal project management frameworks. Experience with the Splunk application, to include developing searches, reports, and other automated routines. Experience with security reviews of firewall, file system, and other forms of access control lists. Experience with digital forensics software and processes. Demonstrated ability to appropriately prioritize multiple tasks, projects, or assignments. Expert knowledge of Windows, Linux, and Apple operating systems.

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux. What You'll Work On: · Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks. · Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives. · Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging. · Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features. · Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms. · Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning. · Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues. · Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes. · Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement. Basic Qualifications: · Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files. · Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules. · Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (pu TTY, SSH, etc.) · Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards. · Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata. · Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment. · TS/SCI clearance with the ability to obtain a counter-intelligence polygraph. · Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree. · DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. · Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date. Additional Qualifications: · Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks. · Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation. · Experience integrating Suricata with Splunk, or other SIEM solutions. · Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments. · Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc. · Ability to be a self-starter, work without considerable direction, and work with a team. · Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts

Work with an expert team focused on implementing and operating next generation security solutions for government and commercial clients. Perform hands-on evaluation, implementation, and operation of leading security Cyber defense tools and technologies. Apply in-depth defense strategies to large and complex networks to rapidly identify vulnerabilities and threats, prioritize response actions, and develop effective countermeasures. Apply thought leadership in a highly collaborative and innovative work environment to solve complex security challenges. You will join a team and engineer solutions to complex challenges for customers using your knowledge of network engineering, system administration and Active Directory. In this role, you'll closely impact mission success, protecting data and networks from malicious payloads and actors. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. Basic Qualifications: · Experience architecting and designing IP networks, including developing and documenting network topologies · Experience with network engineering, including physical or logical, such as installation and activation of ports, configuration of switches, and LANS, VLANS, and network FW or appliances or network administration services, such as Active Directory, Guests LANS, and domain management · Knowledge of multi-domain architectures, including data center, WAN, and LAN in virtualized architectures · 1+ years of experience with performing systems administration Windows or Linux Administration, including performing basic troubleshooting and installation or configuration, monitoring system performance or availability, and performing security upgrades · TS/SCI clearance with the ability to obtain a counter-intelligence polygraph. · Associate's degree and 5+ years of experience supporting IT projects and activities, Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ year of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree. · DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. · Ability to obtain a DoD 8570 Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 30 days of start date. Additional Qualifications: · Experience with deployment or daily maintenance of Forescout CounterACT appliances · Knowledge of federal information security policies, standards, procedures, directives, frameworks, federal security authorizations, assessment, and risk management processes for enterprise systems · Ability to install and deploy Forescout in a customer environment · Ability to integrate Cybersecurity data using enterprise or custom tools data aggregation and analysis tools, including Splunk · Ability to provide support in a Tier II IT operations and maintenance role, including ticket work information updates, issue responses, and remediation · Ability to be a self-starter, work without considerable direction, and work with a team · Possession of excellent verbal and written communication skills, including for coordinating efforts and establishing customer relations

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux. What You'll Work On: · Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks. · Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives. · Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging. · Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features. · Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms. · Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning. · Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues. · Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes. · Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement. Basic Qualifications: · Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files. · Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules. · Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (pu TTY, SSH, etc.) · Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards. · Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata. · Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment. · TS/SCI clearance with the ability to obtain a counter-intelligence polygraph. · Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree. · DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. · Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date. Additional Qualifications: · Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks. · Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation. · Experience integrating Suricata with Splunk, or other SIEM solutions. · Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments. · Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc. · Ability to be a self-starter, work without considerable direction, and work with a team. · Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts

REQUIRES AN ACTIVE, EXISTING TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE We are seeking a highly skilled Arkime (formerly Moloch) Implementation & Sustainment Engineer to design, deploy, operate, and enhance our enterprise packet-capture and deep network visibility capability. The ideal candidate combines hands-on Arkime expertise with strong Zero Trust engineering principles to support threat detection, forensics, segmentation, and continuous monitoring across a complex, distributed environment. You will directly improve the organization's ability to detect threats early, respond faster, and understand network behavior at scale-ensuring that identity-driven, least-privilege policies are backed by deep telemetry and forensic depth This role will drive full lifecycle engineering-from architecture and deployment to tuning, integrations, sustainment, and long-term optimization-while partnering with cross-functional security, network, and platform teams. Key Responsibilities: · Architect, deploy, and configure Arkime clusters, capture nodes, viewer nodes, and storage subsystems. · Design packet capture strategies aligned to network topology, mission requirements, and Zero Trust monitoring needs. · Develop and automate deployment workflows using scripts, orchestration tools, and configuration management. · Integrate Arkime with SIEM, SOAR, EDR, and threat intel platforms to enrich detection and investigation workflows. · Conduct regular tuning of parsers, views, tags, and sessions to support detection engineering and threat hunting. · Perform version upgrades, patching, configuration changes, data lifecycle management, and log retention optimization. · Align Arkime data capture with Zero Trust Architecture (ZTA) telemetry requirements. · Support development of visibility baselines, identity-aware policies, and segmentation enforcement strategies. · Work with network engineering, cloud engineering, and security operations to ensure end-to-end telemetry coverage. · Develop dashboards, queries, workflows, and documentation for SOC, detection engineers, and incident responders. · Provide training, playbooks, and technical expertise to internal engineering and operations teams. Basic Qualifications: · 5+ years of experience in cybersecurity, network security engineering, or security operations. · Strong background in packet analysis, PCAP management, DPI technologies, and network protocols (TCP/IP, DNS, TLS, HTTP, etc.). · Familiarity with Suricata, Zeek, or other packet/flow analysis platforms.

Work with an expert team focused on implementing and operating next generation security solutions for government and commercial clients. Perform hands-on evaluation, implementation, and operation of leading security Cyber defense tools and technologies. Apply in-depth defense strategies to large and complex networks to rapidly identify vulnerabilities and threats, prioritize response actions, and develop effective countermeasures. Apply thought leadership in a highly collaborative and innovative work environment to solve complex security challenges. You will join a team and engineer solutions to complex challenges for customers using your knowledge of network engineering, system administration and Active Directory. In this role, you'll closely impact mission success, protecting data and networks from malicious payloads and actors. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. Basic Qualifications: · Experience architecting and designing IP networks, including developing and documenting network topologies · Experience with network engineering, including physical or logical, such as installation and activation of ports, configuration of switches, and LANS, VLANS, and network FW or appliances or network administration services, such as Active Directory, Guests LANS, and domain management · Knowledge of multi-domain architectures, including data center, WAN, and LAN in virtualized architectures · 1+ years of experience with performing systems administration Windows or Linux Administration, including performing basic troubleshooting and installation or configuration, monitoring system performance or availability, and performing security upgrades · TS/SCI clearance with the ability to obtain a counter-intelligence polygraph. · Associate's degree and 5+ years of experience supporting IT projects and activities, Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ year of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree. · DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. · Ability to obtain a DoD 8570 Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 30 days of start date. Additional Qualifications: · Experience with deployment or daily maintenance of Forescout CounterACT appliances · Knowledge of federal information security policies, standards, procedures, directives, frameworks, federal security authorizations, assessment, and risk management processes for enterprise systems · Ability to install and deploy Forescout in a customer environment · Ability to integrate Cybersecurity data using enterprise or custom tools data aggregation and analysis tools, including Splunk · Ability to provide support in a Tier II IT operations and maintenance role, including ticket work information updates, issue responses, and remediation · Ability to be a self-starter, work without considerable direction, and work with a team · Possession of excellent verbal and written communication skills, including for coordinating efforts and establishing customer relations

Level I Under general supervision of the College Security Director or designee, incumbents will be assigned to perform various campus duties of a specialized nature in one or more of the areas listed below. All incumbents perform related duties, including post-audit reviews to ascertain program effectiveness. Incumbents in this title, when assigned to specialization of campus physical security such as intrusion detection, photo identification, access control and the like, will provide oversight to the system design and specification activity as well as to the contract design, bidding and letting, and project management functions. Incumbents in this title, when assigned to security staff training and development, will conduct and provide oversight to campus in-service training programs, will coordinate campus participation in University-sponsored training programs, and will insure that all training related to licenses and certifications is current. * Serves as equipment specialist for CCTV, lighting, access control , fire alert, or other safety, alarm, or end of line surveillance systems; assisting in the formulation of college system designs; consulting with vendors; serving as liaison in the purchase, installation, maintenance, repair, and/or operation of such systems. * Serves as fire safety specialist and/or standpipe liaison: identifying college needs with regard to safety preparedness; assisting in the formulation of college personal safety programs such as emergency evacuation plans and fire safety plans; conducting staff safety training in internal operating procedures, use of fire extinguishers and other safety devices, etc. * Serves as locking specialist: assists in determining college needs for various types of physical plant security; researches and investigates new locking products, mechanisms, devices, and technologies; ascertains the capabilities of various locking systems in view of college needs for secure classrooms, storage vaults, laboratories, offices, learning centers, etc.; provides direction to the college lock shop, or equivalent. * Serves as physical security specialist in other designated area of college security and safety. * Serves as training and development specialist for security staff on campus: reviewing new areas or procedures, operations, and protocols; determining staff needs; identifying appropriate subject matter and training techniques; planning, scheduling and/or conducting programs; evaluating training effectiveness. Also serves as liaison to University-sponsored training and development programs. Also monitors staff licenses and certifications to determine status and assure correctness and validity. Also conducts roll-call training. Level II * Reporting to the College Security Director or designee, as part of the College public safety team, serves as the Fire Safety Director for the College responsible for developing, implementing and keeping current a Fire Safety Plan for all facilities; overseeing and staffing Fire command stations; providing liaison to the Fire Department during operations; and notifying building occupants and directing evacuation during fire or emergency. Additional duties will include: recruiting, training and supervising all Fire Safety personnel including Deputy Directors, Fire Brigade, Floor Wardens, Building Evacuation Supervisors, etc.; coordinating fire safety matters with OSHA Coordinator, Campus Facilities and Building and Grounds; conducting, supervising and evaluating fire drills; performing all inspections as required by law; and maintaining all pertinent records. Performs related work. * Reporting to the Deputy University Security Director or designee is responsible for coordinating and developing University wide security training for sworn and non-sworn personnel. Monitors and maintains required training and re-certification programs to ensure compliance with University and New York State Division of Criminal Justice Services (DCJS) guidelines. Provides liaison and support to the training and development coordinators and guidance on training assessment and evaluation process. Oversees the development, implementation and maintenance of a university wide training database and the maintenance of all records as required by law. Serves as principle coordinator for licensing requirements under NYPD Special Patrolman and NYS Security Guard Act. May supervise subordinate personnel. Performs related work. CONTRACT TITLE Campus Security Specialist FLSA Exempt CAMPUS SPECIFIC INFORMATION The Borough of Manhattan Community College (BMCC) is a vibrant, pluralistic learning community committed to students' intellectual and personal growth. The College bridges the economic and educational opportunity gap for students, more than half of whom are the first in their families to attend college. Working to strengthen a culture of care inside and outside the classroom, we share a passion for learning with students from around the world. Strategically located in downtown Manhattan, the College is in close proximity to the artistic communities of Tribeca and SoHo, the dynamic downtown financial district, and the center of New York City government at City Hall. BMCC prides itself on the diversity of our students. We are an inclusive community that promotes an atmosphere of mutual respect for each member's ethnicity, gender, age, disability, religion, political preference, sexual orientation, gender identity, and national origin, among other personal characteristics. BMCC's motto speaks to this shared sense of purpose and possibility: Start Here, Go Anywhere. We strive to increase degree completion, successful transfer, career achievement, and service and leadership within our community, New York City, and beyond. BMCC Office of Public Safety is seeking a Fire Life Safety Director to develop and maintain a comprehensive Fire Safety Plan for campus facilities. Reporting to the Director of Public Safety or their designee, this position oversees multiple campus locations and includes responsibilities such as leading fire command operations, collaborating with the Fire Department during emergency responses, and ensuring effective evacuation procedures. For a complete list of general duties, please refer to Campus Security Specialist Level II position description. MINIMUM QUALIFICATIONS Level I 1. Possession of a high school diploma, or equivalent and (a) Two (2) years as a CUNY Campus Public Safety Sergeant or, (b) Seven (7) years full-time experience in security, law enforcement, public safety, or a related field, or the equivalent experience in a technical field utilizing similar skills, competencies and/or equipment. 2. Possession of those special licenses, permits, or certificates as may be required by certification authorities in the field of specialization, to be specified in the job posting. Substitutions: 1. Possession of an associate degree, or the equivalent, from an accredited institution o higher education may substitute for two (2) years of required generic work experience. 2. Possession of a baccalaureate degree from and accredited institution of higher education may substitute for four (4) years of the required generic work experience. Note: All applicants must have no less than three (3) years progressively responsible duties directly related to the functional specialization of either physical security or security training and development. Level II In addition to the minimum qualification stated above, candidates for Level II must have one of the following: 1. Those serving as Fire Life and Safety Director must have two additional years of work experience in a position with fire safety management related duties and obtain all required certifications to serve as Fire Life and Safety Director (F-89 Certificate); 2. Those serving as a University Training and Development Coordinator must have two additional years of work experience in a position with oversight and/or coordination of security training and development related duties. At the discretion of the University Public Safety Director may be required to obtain/maintain Peace Officer Status and certification from DCJS as a Peace Officer instructor. Note: Persons serving in this title are subject to a satisfactory background investigation, which may include but is not limited to criminal history review, drug tests, driving record review, work history verification, reference checks, etc. Persons serving in this title are also subject to re-fingerprinting and re-investigation every five years. At the discretion of the college appointing officer, those CUNY employees appointed to this title from a CUNY Peace Officer position may be permitted to retain CUNY Peace Officer Status. Only those employees holding the position of College Security Specialist Level 2 are eligible for promotion to Assistant College Security Director. COMPENSATION New Hire: $73,732* Incumbent: $83,317 * This amount reflects a 13% salary suppression in effect for the first 24 months of employment only BENEFITS CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria. HOW TO APPLY For full consideration, submit a cover letter and resume online via CUNY's web-based job system, addressing how your experience and credentials fulfill the responsibilities and qualifications outlined. The direct link to the job opening from external sources is: *********************************************************************************************************************************************************************************************** Current CUNY employees must apply through CUNYfirst Employee Self Service using your login credentials. After you login to CUNYfirst, navigate to job openings by following the path from the Main Menu: Employee Self Service ->Careers CLOSING DATE January 27, 2026 JOB SEARCH CATEGORY CUNY Job Posting: Support Staff EQUAL EMPLOYMENT OPPORTUNITY CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer. Job ID 31553 Location Borough of Manhattan CC

Level I Under general supervision of the College Security Director or designee, incumbents will be assigned to perform various campus duties of a specialized nature in one or more of the areas listed below. All incumbents perform related duties, including post-audit reviews to ascertain program effectiveness. Incumbents in this title, when assigned to specialization of campus physical security such as intrusion detection, photo identification, access control and the like, will provide oversight to the system design and specification activity as well as to the contract design, bidding and letting, and project management functions. Incumbents in this title, when assigned to security staff training and development, will conduct and provide oversight to campus in-service training programs, will coordinate campus participation in University-sponsored training programs, and will insure that all training related to licenses and certifications is current. - Serves as equipment specialist for CCTV, lighting, access control , fire alert, or other safety, alarm, or end of line surveillance systems; assisting in the formulation of college system designs; consulting with vendors; serving as liaison in the purchase, installation, maintenance, repair, and/or operation of such systems. - Serves as fire safety specialist and/or standpipe liaison: identifying college needs with regard to safety preparedness; assisting in the formulation of college personal safety programs such as emergency evacuation plans and fire safety plans; conducting staff safety training in internal operating procedures, use of fire extinguishers and other safety devices, etc. - Serves as locking specialist: assists in determining college needs for various types of physical plant security; researches and investigates new locking products, mechanisms, devices, and technologies; ascertains the capabilities of various locking systems in view of college needs for secure classrooms, storage vaults, laboratories, offices, learning centers, etc.; provides direction to the college lock shop, or equivalent. - Serves as physical security specialist in other designated area of college security and safety. - Serves as training and development specialist for security staff on campus: reviewing new areas or procedures, operations, and protocols; determining staff needs; identifying appropriate subject matter and training techniques; planning, scheduling and/or conducting programs; evaluating training effectiveness. Also serves as liaison to University-sponsored training and development programs. Also monitors staff licenses and certifications to determine status and assure correctness and validity. Also conducts roll-call training. Level II - Reporting to the College Security Director or designee, as part of the College public safety team, serves as the Fire Safety Director for the College responsible for developing, implementing and keeping current a Fire Safety Plan for all facilities; overseeing and staffing Fire command stations; providing liaison to the Fire Department during operations; and notifying building occupants and directing evacuation during fire or emergency. Additional duties will include: recruiting, training and supervising all Fire Safety personnel including Deputy Directors, Fire Brigade, Floor Wardens, Building Evacuation Supervisors, etc.; coordinating fire safety matters with OSHA Coordinator, Campus Facilities and Building and Grounds; conducting, supervising and evaluating fire drills; performing all inspections as required by law; and maintaining all pertinent records. Performs related work. - Reporting to the Deputy University Security Director or designee is responsible for coordinating and developing University wide security training for sworn and non-sworn personnel. Monitors and maintains required training and re-certification programs to ensure compliance with University and New York State Division of Criminal Justice Services (DCJS) guidelines. Provides liaison and support to the training and development coordinators and guidance on training assessment and evaluation process. Oversees the development, implementation and maintenance of a university wide training database and the maintenance of all records as required by law. Serves as principle coordinator for licensing requirements under NYPD Special Patrolman and NYS Security Guard Act. May supervise subordinate personnel. Performs related work. **CONTRACT TITLE** Campus Security Specialist **FLSA** Exempt **CAMPUS SPECIFIC INFORMATION** The Borough of Manhattan Community College (BMCC) is a vibrant, pluralistic learning community committed to students' intellectual and personal growth. The College bridges the economic and educational opportunity gap for students, more than half of whom are the first in their families to attend college. Working to strengthen a culture of care inside and outside the classroom, we share a passion for learning with students from around the world. Strategically located in downtown Manhattan, the College is in close proximity to the artistic communities of Tribeca and SoHo, the dynamic downtown financial district, and the center of New York City government at City Hall. BMCC prides itself on the diversity of our students. We are an inclusive community that promotes an atmosphere of mutual respect for each member's ethnicity, gender, age, disability, religion, political preference, sexual orientation, gender identity, and national origin, among other personal characteristics. BMCC's motto speaks to this shared sense of purpose and possibility: Start Here, Go Anywhere. We strive to increase degree completion, successful transfer, career achievement, and service and leadership within our community, New York City, and beyond. BMCC Office of Public Safety is seeking a Fire Life Safety Director to develop and maintain a comprehensive Fire Safety Plan for campus facilities. Reporting to the Director of Public Safety or their designee, this position oversees multiple campus locations and includes responsibilities such as leading fire command operations, collaborating with the Fire Department during emergency responses, and ensuring effective evacuation procedures. For a complete list of general duties, please refer to **Campus Security Specialist Level II** position description. **MINIMUM QUALIFICATIONS** Level I 1. Possession of a high school diploma, or equivalent and (a) Two (2) years as a CUNY Campus Public Safety Sergeant or, (b) Seven (7) years full-time experience in security, law enforcement, public safety, or a related field, or the equivalent experience in a technical field utilizing similar skills, competencies and/or equipment. 2. Possession of those special licenses, permits, or certificates as may be required by certification authorities in the field of specialization, to be specified in the job posting. Substitutions: 1. Possession of an associate degree, or the equivalent, from an accredited institution o higher education may substitute for two (2) years of required generic work experience. 2. Possession of a baccalaureate degree from and accredited institution of higher education may substitute for four (4) years of the required generic work experience. Note: All applicants must have no less than three (3) years progressively responsible duties directly related to the functional specialization of either physical security or security training and development. Level II In addition to the minimum qualification stated above, candidates for Level II must have one of the following: 1. Those serving as Fire Life and Safety Director must have two additional years of work experience in a position with fire safety management related duties and obtain all required certifications to serve as Fire Life and Safety Director (F-89 Certificate); 2. Those serving as a University Training and Development Coordinator must have two additional years of work experience in a position with oversight and/or coordination of security training and development related duties. At the discretion of the University Public Safety Director may be required to obtain/maintain Peace Officer Status and certification from DCJS as a Peace Officer instructor. Note: Persons serving in this title are subject to a satisfactory background investigation, which may include but is not limited to criminal history review, drug tests, driving record review, work history verification, reference checks, etc. Persons serving in this title are also subject to re-fingerprinting and re-investigation every five years. At the discretion of the college appointing officer, those CUNY employees appointed to this title from a CUNY Peace Officer position may be permitted to retain CUNY Peace Officer Status. Only those employees holding the position of College Security Specialist Level 2 are eligible for promotion to Assistant College Security Director. **COMPENSATION** New Hire: $73,732* Incumbent: $83,317 *This amount reflects a 13% salary suppression in effect for the first 24 months of employment only **BENEFITS** CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria. **HOW TO APPLY** For full consideration, submit a cover letter and resume online via CUNY's web-based job system, addressing how your experience and credentials fulfill the responsibilities and qualifications outlined. The direct link to the job opening from external sources is: *********************************************************************************************************************************************************************************************** Current CUNY employees must apply through CUNYfirst Employee Self Service using your login credentials. After you login to CUNYfirst, navigate to job openings by following the path from the Main Menu: Employee Self Service ->Careers **CLOSING DATE** January 27, 2026 **JOB SEARCH CATEGORY** CUNY Job Posting: Support Staff **EQUAL EMPLOYMENT OPPORTUNITY** CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer. Job ID 31553 Location Borough of Manhattan CC

This position encompasses professional and responsible highly technical consultative and/or administrative work unique to the design and engineering of complex datacenters, networks and cloud deployments. Under administrative direction of a university IT manager, with broad latitude for independent action or decision, is responsible for the development of comprehensive infrastructure solutions. Engineer and operate mission critical infrastructure and be responsible for the access and protection of sensitive data, systems, and networks. May lead a team or participate in a team in planning, designing, implementing, and maintaining datacenter and cloud operations that includes the management of IT facilities, network, security, telecommunications, servers, storage, and virtualization components. There are three Levels of this title. Assignment Levels 2 and 3 may oversee multiple projects and supervise employees. This specification describes typical assignments for this title; related duties may be assigned as needed. To view the complete , go to**************************************************************************************** view the Job Description for IT Infrastructure Engineer. CONTRACT TITLE IT Infrastructure Engineer FLSA Non-exempt CAMPUS SPECIFIC INFORMATION New York City College of Technology (City Tech) of the City University of New York (CUNY) is a comprehensive college in downtown Brooklyn, offering associate and baccalaureate degree in technology and health related degree programs, other career-oriented degrees and liberal arts transfer degrees in its Schools of Arts and Sciences, Technology and Design, and Professional Studies. The Office of Computing Information Services at City Tech welcomes applications for an IT Infrastructure and Security Response Engineer. This position is in provisional status. Continued employment is contingent upon taking and passing a civil service examination when it is offered by CUNY. MINIMUM QUALIFICATIONS 1. A baccalaureate degree in computer science, engineering or a related field from an accredited college or university and five (5) years of satisfactory full-time experience in thedesign and engineering of complex datacenters, networks and/or cloud deployments; or 2. A baccalaureate degree from an accredited college or university and six (6) years of satisfactory full-time experience as described in "1" above; or 3. A high school diploma or its educational equivalent and ten (10) years of satisfactory full-time experience as described in "1" above; or 4. Education and/or experience which is equivalent to "1," "2" or "3" above. The following may substitute for some of the required experience required in "1," "2" or "3" above, as follows: College education (undergraduate credits) may substitute for up to four (4) years of the required experience in "3" above on the following basis: A. 30 to 59.9 semester credits substitute for 1 year of experience; or B. 60 to 89.9 semester credits substitute for 2 years of experience; or C. 90 to 119.9 semester credits substitute for 3 years of experience; or D. 120 or more semester credits substitute for 4 years of experience. Graduate credits in information technology, computer science or a related field may substitute for up to two (2) years of experience in "1" or "2" above on the following basis: A. 15 to 29.9 graduate credits substitute for 1 year of required experience; or B. 30 or more graduate credits substitute for 2 years of required experience. Each of the following validcurrent certification(s) may substitute for one (1) year of the required experience in "1," "2" or "3" above: A. Certified Information Systems Security Professional (CISSP) issued by ISC2; and/or B. Certified Scrum Product Owner (CSPO) issued by Scrum Alliance; and/or C. Cisco Certified Network Associate (CCNA) issued by Cisco; and/or D. Cisco Certified Network Professional (CCNP) issued by Cisco; and/or E. CompTIA Linux+ issued by CompTIA; and/or F. CompTIA Network+ issued by CompTIA; and/or G. Security+ issued by CompTIA; and/or H. IBM Certified Solution Architect - Cloud Pak for Data issued by IBM; and/or I. ITIL Foundation Certification issued by Axelos; and/or J. Juniper Networks Certified Internet Associate (JNCIA) issued by Juniper Networks; and/or K. Microsoft Certified: Azure Administrator Associate issued by Microsoft; and/or L. NetApp Certified Data Administrator (NCDA) issued by any authorized organization approved by NetApp; and/or M. NetApp Certified Storage Installation Engineer (NCSIE) issued by any authorized organization approved by NetApp; and/or N. NetApp Certified Storage Installation Engineer (NCSIE) issued by any authorized organization approved by NetApp; and/or O. Oracle Cloud Infrastructure Architect Professional Certification issued by Oracle; and/or P. Red Hat Certified Engineer (RHCE) issued by Red Hat; and/or Q. VMware Certified Professional (VCP) issued by VMware. However, all candidates must have a high school diploma or its educational equivalent and at least three (3) years of experience as described in "1" above. Assignment Level II or III Level II: After meeting the Qualification Requirements above, an additional two (2) years of satisfactory full-time experience in thedesign and engineering of complex datacenters, networks and/or cloud deployments is required for Level II. Level III: After meeting the Qualification Requirements aboveandthe Level II requirements, an additional two (2) years of satisfactory full-time experience in thedesign and engineering of complex datacenters, networks and/or cloud deployments is required for Level III (for a total of 4 years of experience above the Qualification Requirements). English Language Proficiency : Demonstrated English language proficiency, including ability to speak, read, write, and understand English well enough to meet minimally acceptable performance standards set for job duties. Motor Vehicle Driver License : A Motor Vehicle Driver license, valid in New York State, may be required for some, but not all positions. Note: CUNY considers full-time work to be at least 35 hours per week. Part-time experience of at least 20 hours per week may be prorated by half and credited instead of,but not in addition to, full-time experience during the same period (e.g., two months of related work experience at 20-34 hours per week equates to one month of full-time related work experience.) Part-time experience of fewer than 20 hours per week cannot be credited at all. COMPENSATION $105,827 BENEFITS CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria. HOW TO APPLY From our job posting system, select "Apply Now", create or log in to a user account, and provide the requested information. If you are viewing this posting from outside our system, access the employment page on our web site and search for this vacancy using the Job ID or Title. Select "Apply Now" and provide the requested information. Candidates should provide a resume and cover letter. CLOSING DATE Open until filled with review of resumes to begin on or after February 6, 2025. JOB SEARCH CATEGORY CUNY Job Posting: Information Technology/Technical EQUAL EMPLOYMENT OPPORTUNITY CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer. Job ID 29704 Location NYC College of Technology

Qualifications Bachelor's degree required. Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. One or more relevant professional certifications (e.g., CISSP , CISM /A, etc.) strongly preferred. Experience with state and federal information security regulatory requirements ( GLBA , FERPA , HIPAA , etc.) and other compliance requirements ( PCI , etc.). Knowledge of and experience applying industry-standard IT security frameworks ( NIST , IHECF , etc.). Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. Professional experience in a leadership role in a higher education institution.