IT Senior Associate, Level 1 (Temporary to Permanent) **GENERAL DUTIES** I.T. Senior Associates perform highly complex professional work in technology-related disciplines. While areas of specialization vary, typically I.T. Senior Associates perform a range of work in development/programming, communications, technical support, or similar functions depending on the needs of the Information Technology area to which they report. Work tasks include diagnosing, evaluating, overseeing and resolving highly complex projects. They have wide latitude for independent initiative and judgment and may serve in lead roles on complex programs or projects, and/or serve as a direct supervisor of a unit or group. I.T. Senior Associates should demonstrate mastery of one or more technology-related disciplines, decision-making ability in situations related to those disciplines, and be able to serve as a resource in these areas. They may contribute to decisions on I.T. policies and technical standards. This job is in CUNY's Classified Civil Service. The full specification is available on our web site at http://www.cuny.edu/about/administration/offices/ohrm/hros/classification/ccsjobs.html **CONTRACT TITLE** IT Senior Associate **FLSA** Exempt **CAMPUS SPECIFIC INFORMATION** The City College of New York (CCNY) is the founding institution of the City University of New York (CUNY) and comprises outstanding programs in architecture, engineering, medicine, and the liberal arts and sciences. Annually, CCNY serves over 16,000 undergraduate and graduate students. Leading CUNY in funded research, CCNY hosts several research centers, including two new advanced research centers. CCNY’s Office of Information Technology (OIT) is a vital component of the college's operation and is responsible for software applications, hardware support, telecommunications, media services, network infrastructure, instructional technologies, and information security. The OIT is committed to collaborating with the college community to provide excellent information technology products and services. Under the general supervision of the Deputy CIO & CISO, exercising independent initiative and judgment, the Information Security Manager will manage the City College of New York (CCNY) Office of Information Technology (OIT) Security Team and may manage other infrastructure groups. He or she will design, coordinate, and implement technical and procedural security initiatives. He or she will develop, analyze, and refine the College’s information security protocols and technologies; maintain the College’s information security infrastructure; ensure effective responses to information security threats and incidents; develop long-range goals for strategic IT security plans; maintain up-to-date knowledge of regulations governing security initiatives in academia and health care; conduct security monitoring, assessments, and audits; and promote awareness of information security best practices to the college community. The Information Security Manager is expected to take a hands-on approach, leading proactive vulnerability assessments and the implementation of effective procedures and technical safeguards to mitigate information security risks. She or he will also supervise IT Associates and other junior members of the IT Security team.In fulfilling their duties, they will collaborate with other OIT units, including Networking, Telecommunications, IT Operations, User and Instructional Support Services, Application Development, and Business Services. She or he will also confer with college executives, faculty, staff, students, and contractors on information security related matters and special projects. **The successful candidate will be expected to:** + Lead and manage the campus information security efforts by establishing proactive and preventative cybersecurity measures, including securing network and computer environments and coordinating vulnerability assessments and remediation. + Lead and manage the campus program for security incident response, reviewing and ensuring that alerts from security platforms are addressed in a timely fashion + Monitor campus security operations platforms such as IPS/IDS, firewalls, VPN, perimeter switching/routing, endpoint protection, system monitoring logs, and other security appliances and platforms to strengthen defenses and optimize campus security + Lead, develop, and train the Information Security Office staff and coordinate desktop support analysts and systems administrators in adopting and enforcing logistical information security measures + Lead, develop and implement a continuous regiment of vulnerability scans and penetration tests and adopt measures to address security deficiencies effectively andto optimize threat detection + Participate and provide input on the configuration of network and systems security architecture, procedures and technologies (e.g. IPS/IDS, firewalls, server/host protection, network access control, and encryption) and provide ongoing recommendations for achieving optimal security and performance + Collaborate to develop strategies foraccess controls necessary to protect network perimeter, host systems,software applications, sensitive datain accordance with security requirements (e.g. FERPA, HIPAA, PCI-DSS privacy requirements and university data retention and destruction policies) + Participate and provide input on secure college-wide identity management and access controls technologies, including password management, directory services, single sign-on, two-factor authentication, PIN management, digital signatures, smart cards, biometrics, PeopleSoft security access provisioning, etc. + Develop and promote effective information security awareness training and educational resources for the college community + Orchestrate IT Security-related projects from inception through implementation to ensure timely and effective completion in compliance with established security protocols and best practices + Design, implement, manage, and document a comprehensive strategic information security and IT risk management program that ensures to mitigation system vulnerabilities and reduces attack surface vectors identified through risk assessment and threat modeling + In collaboration with college executives and IT managerial staff, generate semester security compliance attestation report documenting security risks and recommendations + Review, recommend, and draft policies, procedures, and standards in accordance with overall university policy and evolving industry best practices + Participate in university information security meetings and lead internal Information Security Task Force, which is comprised of IT managers and the Information Security Office + Perform other duties as assigned **Please be sure to file for the CUNY IT Senior Associate open competitive exam by May 15, 2025 if you're not currently working at the CUNY City College in an IT title.** To obtain permanency in the position, you must be reachable on the CUNY IT Senior Associate list. **MINIMUM QUALIFICATIONS** 1. High School Diploma, G.E.D., or equivalent 2. An equivalent of ten years of experience post-high school that can be met by one of the following: ten years of full-time work experience in a computer or technology related position; an Associate's degree plus eight years of full-time work experience in a computer or technology-related position; or a Bachelor's degree from an accredited institution plus six years of full-time work experience in a computer or technology-related position 3. Demonstrated English Language proficiency 4. A Motor Vehicle Driver's license, valid in New York State, may be required for some, but not all positions. This title has three levels. In addition to the minimum qualifications above, To qualify for Levels 2 and 3, additional qualifications, such as education, experience, or certification relevant to the area of specialization are required. **OTHER QUALIFICATIONS** Only candidates who apply for and pass the exam for IT Senior Associate, Exam Numbers 2085 and / or 2086, may be considered for the position. + At least six (6) years of experience in information security + Familiarity with Palo Alto next-generation firewalls, Cisco VPN and switches, and Cortex endpoint protection in an enterprise environment + Experience with enterprise systems administration, including Microsoft, Apple, and Linux/Unix operation systems, and Public/Private cloud platforms (i.e. AWS, Azure, Google Cloud Platform) + Experience using coding, scripting, database queries, and developer and security tools (e.g., Git, BitBucket, Hive, Swarm, etc.) + Familiarity designing, configuring, and integrating network and systems security, including VPN, log analyzers, intrusion detection, intrusion prevention, firewalls, web application firewalls, network access control, and enterprise endpoint security solutions + Familiarity with network protocols (TCP/UDP, DNS, HTTP/HTTP$, SSH, FTP, etc.) + Knowledge and understanding of relevant legal and regulatory requirements, including the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry/Data Security Standard + Strong interpersonal communication and writing skills + Excellent organizational skills and attention to detail + Experience supervising technical staff Information security and/or information technology certifications (CISSP, Security+, CCSP, CISA, CISM) is a plus IMPORTANT NOTE: Only applicants who applied for and passed the written test for IT Senior Associate (OC), Exam #2086, will be considered. All candidates must provide proof of passing the examination for IT Senior Associate (OC), Exam #2086 IMPORTANT NOTE: Only applicants who applied for and passed the written test for IT Senior Associate (Promotional), Exam #2085, will be considered. All candidates must provide proof of passing the examination for IT Senior Associate Promotional, Exam #2085 The selected candidate will be appointed as a temporary employee. Within 2 months of the establishment of the IT Senior Associate (OC), Exam #2086 and IT Senior Associate Promotional, Exam #2085, eligible list, the candidate must be reachable on the eligible list to be appointed as a probable permanent IT Senior Associate. If the selected candidate is not reachable within 2 months of list establishment, the candidate’s appointment will be terminated. Candidates who have not passed the written test for IT Senior Associate (OC), Exam #2086 and IT Senior Associate (Promotional) Exam #2085, will not be considered. **COMPENSATION** $104,304. CUNY's benefits contribute significantly to total compensation, supporting health and wellness, financial well-being, and professional development. We offer a range of health plans, competitive retirement/pension benefits and savings plans, tuition waivers for CUNY graduate study and generous paid time off. Our staff also benefits from the extensive academic, arts, and athletic programs on our campuses and the opportunity to participate in a lively, diverse academic community in one of the greatest cities in the world. **BENEFITS** CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria. **HOW TO APPLY** If you are viewing this job posting in CUNYfirst, please click on "Apply Now" on the bottom of this page and follow the instructions. If you are viewing this job posting externally, please apply as follows: Go to www.cuny.edu and click on "Employment" Click "Search job listings "Click on "More options to search for CUNY jobs" Search for Job Opening ID number: 30086 Click on the "Apply Now" button and follow the instructions. PLEASE NOTE THAT YOU MUST UPLOAD A COVER LETTER AND RESUME AS ONE DOCUMENT IN ANY OF THE FOLLOWING FORMATS: doc, .docx, .pdf, .rtf, or text format. **CLOSING DATE** April 23, 2025. **JOB SEARCH CATEGORY** CUNY Job Posting: Information Technology/Technical **EQUAL EMPLOYMENT OPPORTUNITY** CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer. Job ID 30086 Location City College of New York