"Alerted.org

IT Security Specialist Level 1 Provisional

GENERAL DUTIES

This position encompasses professional and responsible technical consultative and/or administrative work. Under administrative direction of a university IT manager, with broad latitude of independent action or decision, serves as subject matter expert on IT security, identity, and access infrastructure; provides IT security architectural guidance; designs security solutions; conducts IT risk assessments and recommended mitigating solutions.

There are three (3) Assignment Levels within this classification. All personnel perform related work. Assignment Levels 2 and 3 may supervise staff. This specification describes typical assignments; related duties may be assigned as needed.

Assignment Level I

Monitors industry developments through multiple sources; consults with vendors.

Ensures compliance with university security policies and standards.

Oversees security testing plan including routine penetration testing, security controls assessments, and third-party cybersecurity engagements.

Recommends updates and improvements to university security policies and standards.

Identifies probable system exposure, compromise, problems, or design flaws and escalates issues to upper management to limit serious performance impact.

Defines, manages, and monitors data security, confidentiality, integrity, and availability.

Sets up, overs, and maintains security devices, as well as creates guidelines for identifying, reporting, and addressing computer security incidents (e.g., Security Device Management and Incident Response).

Monitors developments regarding various IT architectural platforms, including hardware, software and network communication components, operating systems, LDAP, server networking, basic load-balancing, DNS, certificate management, and HTTPS.

Reviews and analyzes design documentation to ensure appropriate security controls are in place.

Collaborates with application development, network, server, database, and storage teams regarding IT security aspects of new technologies, services, and system requirements.

Plans, defines and maintains policies, standards, configurations, and operating procedures and guidelines regarding IT security, identity, and access management in a moderate environment.

IT Security Specialist (05603) 2 of 6 Analyzes, designs, implements, tests, troubleshoots, integrates, documents, and configures moderate IT security infrastructure in coordination with others, to maximize performance and capacity. Plans, initiates and applies new moderate security infrastructure architecture or design changes.

Provides security design assistance on moderately complex new products and internally developed projects.

Assists in the development and review of moderately complex technical specifications for the procurement of various IT security systems and services, including the evaluation of vendor submissions solicited via bids, requests for information and proposals.

Participates as a team member in planning, designing, implementing, and maintaining highly secure application architecture solutions that includes network devices, servers, storage, cloud, and virtualization technologies. Participates as a team member in planning, designing, implementing, and maintaining identity and access management services that include directory services, identity integrators/connectors, authentication services, web single sign-on and federation services, role and group management and delegated administration services.

Serves as subject matter resource regarding security design of applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services.

Performs, manages and documents structured security assessment plans of moderately complex applications and infrastructure.

Assignment Level II –

In addition to Assignment Level I tasks, performs the following tasks:

Plans, defines and maintains policies, standards, configuration and operating procedures and guidelines regarding IT security, identity, and access in a complex environment.

Analyzes, designs, implements, tests, troubleshoots, integrates, documents, and configures complex IT security infrastructure in coordination with others, to maximize performance and capacity.

Plans, initiates and applies new complex security infrastructure architecture or design change.

Provides security design assistance on new products and internally developed projects.

Assists in the development and review of complex technical specifications for the procurement of various IT security systems and services, including the evaluation of vendor submissions solicited via bids, requests for information and proposals.

Leads or participates in a team in planning, designing, implementing, and maintaining highly secure application architecture solutions that includes network devices, servers, storage, and virtualization technologies.

Leads or participates in a team in planning, designing, implementing, and maintaining identity and access management services that include directory services, identity IT Security Specialist (05603) 3 of 6 integrators/connectors, authentication services, web single sign-on and federation services, role and group management and delegated administration services.

Reviews and analyzes design and/or accreditation documentation to ensure appropriate security controls are in place.

Performs security assessments of complex applications and infrastructure.

Consults with university executives to provide IT Security policy guidance. Provides training, conducts new hire orientations, and produces ongoing monthly security awareness newsletters. Serves as subject matter expert regarding security design of complex applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services.

Assignment Level III – In addition to Assignment Level I and Assignment Level II tasks, performs the following tasks:

Plans, defines and maintains policies, standards, configuration and operating procedures and guidelines regarding IT security, identity, and access in a complex enterprise scale environment.

Analyzes, designs, implements, tests, troubleshoots, integrates, documents, and configures complex, enterprise scale IT security infrastructure in coordination with others, to maximize performance and capacity.

Plans, initiates and applies new complex, enterprise scale security infrastructure architecture or design changes.

Provides security design assistance on complex, enterprise scale new products and internally developed projects.

Leads or participates in a team in planning, designing, implementing, and maintaining highly secure, enterprise scale application architecture solutions that includes network devices, servers, storage, and virtualization technologies.

Leads or participates in a team in planning, designing, implementing, and maintaining complex, enterprise identity and access management services that include directory services, identity integrators/connectors, authentication services, web single sign-on and federation services, role and group management and delegated administration services.

Serves as subject matter expert regarding security design of enterprise scale applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services. Reviews and analyzes design and/or accreditation documentation to ensure appropriate security controls are in place.

Performs security assessments of complex, enterprise scale applications and infrastructure. Consults with senior university executives to provide IT Security policy guidance.

CONTRACT TITLE

IT Security Specialist

FLSA

Non-exempt

CAMPUS SPECIFIC INFORMATION

Key responsibilities include, but are not limited to, the following:

• Assist in explaining relevant security procedures to staff and students.

• Participate in the annual Cybersecurity Awareness Month.

• Monitor relevant security programs and implement solutions to reduce or mitigate alerts before they become incidents.

• Investigate security threats as they occur.

• Install and maintain security software to protect data systems.

• Respond to data breaches and malicious malware attacks.

• Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.

• Make recommendations about potential security advancements.

• Assist in developing, implementing and maintaining a security plan.

MINIMUM QUALIFICATIONS

1.** A baccalaureate degree in computer science, engineering or a related field from an accredited college or university **and** five (5) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions; **or

2.** A baccalaureate degree from an accredited college or university **and** six (6) years of satisfactory full-time experience as described in “1” above; **or

3.** A high school diploma or its educational equivalent **and** ten (10) years of satisfactory full-time experience as described in “1” above; **or

**4.** Education and/or experience which is equivalent to "1," "2" or "3" above. The following may substitute for some of the required experience required in "1," "2" or "3" above, as follows:

College education (undergraduate credits) may substitute for up to four (4) years of the required experience in "3" above on the following basis:

**D.** 120 or more semester credits substitute for 4 years of experience.

Graduate credits in information technology, computer science or a related field may substitute for up to two (2) years of experience in "1" or "2" above on the following basis:

**B.** 30 or more graduate credits substitute for 2 years of required experience.

Each of the following certifications may substitute for one (1) year of the required experience in "1," "2" or "3" above:

**G.** Certified Cloud Security Professional (CCSP) issued by ISC2.

However, all candidates must have a high school diploma or its educational equivalent and at least three (3) years of experience as described in “1” above.

Assignment Level II or III** **:

**Level II:** After meeting the Qualification Requirements above, an additional two (2) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions is required for Level II.

**Level III:** After meeting the Qualification Requirements above and the Level II requirements, an additional two (2) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions is required for Level III (for a total of 4 years of experience above the Qualification Requirements).

**English Language Proficiency** **:** Demonstrated English language proficiency, including ability to speak, read, write, and understand English well enough to meet minimally acceptable performance standards set for job duties.

**Motor Vehicle Driver License** **:** A Motor Vehicle Driver license, valid in New York State, may be required for some, but not all positions.

**Note:** CUNY considers full-time work to be at least 35 hours per week. Part-time experience of at least 20 hours per week may be prorated by half and credited instead of,but not in addition to, full-time experience during the same period (e.g., two months of related work experience at 20-34 hours per week equates to one month of full-time related work experience.) Part-time experience of fewer than 20 hours per week **cannot** be credited at all.

COMPENSATION

For appointments expected to start on or before8/31/2025:

Salary commensurate with education and experience: $104,304

CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria.

HOW TO APPLY

If you are viewing this job posting on any website other than CUNYfirst, please follow the instructions below:

Go to cuny.jobs

In the box under "job title/ keyword", enter "30424"

Click on "IT Security Specialist Level 1 Provisional "

Click on the "Apply Now" button and follow the instructions.

Please note that the candidates must upload a cover letter describing related qualifications and experience, resume/Curriculum Vitae, and the name and contact information of three (3) professional references as ONE DOCUMENT in any of the following formats: .doc, .docx, or .pdf format.

**Please use a simple name for the document that you uploaded, for example: JDoeResume. Documents with long names cannot be parsed by the application system.

CLOSING DATE

8/18/2025

JOB SEARCH CATEGORY

CUNY Job Posting: Information Technology/Technical

EQUAL EMPLOYMENT OPPORTUNITY

CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer.

Job ID

30424

Location

Queens College