Assistant Director for Information Technology Security
SUNY Broome Community College is a comprehensive community college located in the scenic Southern Tier of New York. The College has over 12,000 students annually, and services over 6,500 students per semester in Liberal Arts, Business & Professional Studies, Health Sciences, and Science, Technology, Engineering, and Mathematics (STEM) programs. An additional 5,500 students are served through the College’s community education and non-credit programs.
SUNY Broome is seeking a full-time, on-site Assistant Director for Information Technology Security. This position will report to the Chief Information Officer (CIO) and Director of Information Technology Services (ITS). The incumbent is responsible for providing the digital security of the college’s systems, services, and related hardware. They will examine the college’s security plans and procedures and do a detailed check to find any lapses in the organization or vendor security systems. Additionally, they are required to expect future faults which might come up as a disaster for internal systems.
The Assistant Director for Information Technology Security is responsible for keeping the CIO and Director informed of all malicious activity and for producing reports that assess the effectiveness of the security strategies in place. The incumbent makes all required changes to ensure the ultimate security of network, systems, services, and data. The Assistant Director for Information Technology Security will also lead a public awareness campaign, simulated exercises, and a training program using KnowBe4 to teach faculty, staff, and students about identity protection and proper security procedures and will supervise area staff responsible for the support of IT Security.
Responsibilities include but are not limited to:
- Administers Sophos anti-virus and EDR software, configure antivirus policies, continuously monitor, triage and respond to alerts, reports on device compliance.
- Assists the CIO and Director with developing information security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements. Stays up to date on security compliance requirements.
- Provides supervision to Technical Assistants and other staff working with IT Security
- Creates, manages, and maintains user security awareness, provides education on security related matters including annual training campaigns, monthly phishing simulations and ad-hoc security awareness training materials on current threats.
- Administer campus multi-factor authentication solutions implemented on campus portal for SSO, as well as MFA solutions on the SSL VPN, email and high-risk information systems.
- Assist network administrators with the secure network design and architecture, including VLAN segmentation to enforce the principle of least privilege
- Regularly performs vulnerability scans, mitigation and remediation using vulnerability scanning tools such as Nessus, Alert Logic and Nmap. Assist external and internal pen-testers on an annual basis. Creates vulnerability reports and communicate risk to stakeholders.
- Administer and manage Fortinet NGFW. Configure campus firewall policies, perform risk assessment and change control management on firewall policy changes, work with external firewall consultants at SUNY to implement security controls and best practices.
- Investigates suspicious activity, triages security events and responds to internal security event reports. Leads the response team for information security incidents, including conducting the initial investigation to determine the type and scale of the incident.
- Administer and manage PDQ Inventory and Deploy software for asset and application management. Provide training and oversight to TAs on the use and management of this software.
Bachelor’s degree with specialization in Computer Science, Information Technology, Cyber Security, or a related field, required. Additional training, education, and/or certification in the applicable area preferred, i.e. SSCP, CCSP, CYSA+
The equivalent of five (5) years of full-time experience working in Information Technology, required. One (1) year of supervisory and/or leadership experience required. Experience working within information technology and/or computer and network security in an academic environment, preferred. Three years of experience with endpoint security application management, preferred.
The minimum salary rate for this position is $67,575.
Offers of employment will be conditional based upon the results of a satisfactory, required pre-employment Standard Background Check.
SUNY Broome Community College is an affirmative action and equal opportunity employer with a strong commitment to enhancing the diversity and inclusion of the campus community and curriculum. The institution is committed to promoting an environment of equity, inclusion, and respect for others. SUNY BCC is committed to the diversity of its community. Women, minorities, veterans, individuals with disabilities, and members of underrepresented groups are encouraged to apply.
Affirmative Action/Equal Opportunity Employer
For full consideration, application materials must be received no later than Friday, February 16, 2024. SUNY Broome will continue to review applications until this position is filled. Please submit a letter of interest, resume, and the name, address, and phone number of three (3) references to: