Information Security Director
About Fashion Institute of Technology:
The Fashion Institute of Technology (FIT), an internationally renowned college of art and design, business and technology, of the State University of New York, invites nominations and applications for a Information Security Director.
Under the direct supervision of the AVP/CISO, the Information Security Director will support FIT's information security program. The position is a hands-on role with the primary focus being on maintaining the confidentiality and integrity of the institution's information and systems through effective security policies, procedures, and practices designed to address the Information Security threats facing FIT. The focus will be working with the FIT IT team on the security aspects of application development and infrastructure projects, but there will be some involvement with the larger FIT community in the areas of policy development and security awareness.
Core Functions / Responsibilities
The Information Security Manager will collaborate with various stakeholders to perform the following responsibilities:
- Participate in building a security program whose elements are targeted at information threats facing FIT.
- Manage the implementation of information security technologies and access controls to protect the integrity and confidentiality of FIT information, systems, and infrastructure.
- Oversee the design and implementation of information security infrastructure to monitor the organization's network and information systems for detection and prevention of unauthorized use and access.
- Support implementation and operation of a Security Operations Center, which will probably be purchased as a service.
- Manage the implementation of security platforms and systems, including installation, configuration and maintenance of security software.
- Assess and address security threats from emerging technologies and/or services.
- Manage a program of application assessment, defect tracking, and remediation.
- Support and participate in the information security incident response program
- Be a subject matter expert to the FIT community on information security and the areas of risk at FIT.
- Evaluate, identify and report on information security risks for new and existing applications and services and suggest risk mitigation strategies.
- Conduct security related assessments, execute periodic security audits (internal and external) to ensure organization compliance to security standard such as ISO 27001 and provide leadership to build security compliance throughout the Organization.
- Manage security systems such as antivirus, patches, intrusion prevention and proactive threat monitoring.
- Oversee monitoring and remediation of exploits identified by vendors and general information sites.
- Works effectively with all clients and stakeholders to strike the proper balance between information security and the mission of FIT;
- Promotes continuous learning;
- Openly and frequently communicates with all stakeholders;
- Takes initiative and drives high levels of performance management;
- Plans work, anticipates risks, and sets goals within area of responsibility;
- Displays mastery of subject matter;
- Contributes to a collegial team environment;
- Displays awareness of relevant technological solutions;
- Works with internal and external stakeholders to meet resource needs of FIT.
- Demonstrated knowledge and use of: 1. network security services such as firewalls, WAF, IDS, IPS, end-point protection, 2. email security options and services, 3. infrastructure and application vulnerability and scanning tools and services;
- Demonstrated knowledge on methods to detect and respond to an Advanced Persistent Threat;
- Anticipates and prepares response to changing IT needs of the relevant organizational unit;
- Delivers optimal IT solutions within defined resource parameters;
- Correctly applies knowledge of specialized IT disciplines.
- Bachelor's degree in Computer Science, Information Systems, Telecommunications, Networking, Engineering or a related field from an accredited academic institution or six years of relevant professional experience.
- Industry certification in at least one of the following areas is preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Information Systems Security Management Professional.
- Minimum of five years of experience working in an information security and IT risk management role preferably within a higher education institution;
- Familiarity with the following technologies: Microsoft Active Directory, Microsoft Exchange, Gmail, Cisco VPN, Next Gen Firewalls (such as Palo Alto), encryption of PII data, PCI, VOIP, and security review of COTS and internally developed software applications;
- Demonstrated Exceptional Problem Solving.
This is is a non-bargaining job
Please provide salary requirements in your cover letter
FIT offers a generous benefits package including 6 weeks vacation. To learn more about our benefits please click here: Benefits
In order to be considered for the position, you must submit the following documents online:
* Cover letter including salary requirements
* A list of three references with telephone numbers and email addresses
Please note that due to the high volume of applications we receive, we are unable to contact each applicant individually regarding his or her application status.
For more information about FIT, please visit FIT's website at: http://www.fitnyc.edu
FIT is firmly committed to creating an environment that will attract and retain people of diverse racial and cultural backgrounds. By providing a learning and working environment that encourages, utilizes, respects, and appreciates the full expression of every individual's ability, the FIT community fosters its mission and grows because of its rich, pluralistic experience. FIT is committed to prohibiting discrimination, whether based on race, color, national origin, sex, gender, gender identity, religion, ethnic background, age, disability, marital status, sexual orientation, military service status, genetic information, pregnancy, familial status, citizenship status (except as required to comply with law), or any other criterion prohibited by applicable federal, state, or local laws. FIT is committed to providing equal opportunity in employment, including the opportunity for upward mobility for all qualified individuals. Applications from minorities, women, veterans, and persons with disabilities are encouraged. Inquiries regarding FIT's non-discrimination policies may be directed to the Affirmative Action Officer/Title IX Coordinator, 212 217.3360, [email protected]