Information Security Systems AdministratorSchool/Division:Information Technology Services (ITS)Office:Information SecurityFull-Time or Part-Time:Full-TimeAbout HofstraHofstra University is a nationally ranked and recognized private university in Hempstead, N.Y. that is the only school to ever host three consecutive presidential debates (2008, 2012 and 2016). At Hofstra, students get the best of both worlds. Our campus is a leafy oasis just a quick train ride away from New York City and all its cultural, recreational and professional opportunities. We offer small classes and personal attention, with the resources, technology and facilities of a large university. Students can choose from more than 160 undergraduate program options and 165 graduate program options in the liberal arts and sciences, education, health professions and human services, the Peter S. Kalikow School of Government, Public Policy and International Affairs, the Fred DeMatteis School of Engineering and Applied Science, the Frank G. Zarb School of Business, the Lawrence Herbert School of Communication, the Maurice A. Deane School of Law, the Hofstra Northwell School of Graduate Nursing and Physician Assistant Studies, and the Donald and Barbara Zucker School of Medicine at Hofstra/Northwell. Hofstra University is a dynamic community of more than 11,000 students from around the world who are dedicated to civic engagement, academic excellence and becoming leaders in their communities and their careers.Description:Reports directly to the most senior Information Security professional (currently Manager, Information Security) and, indirectly, to the Vice President for Digital Innovation and Technology/CIO. The Information Security Systems Administrator (ISSA) is a hands-on role that requires a high level of technical expertise in the broad range of systems, networking, and information security technologies in use at Hofstra University. The person in this position is responsible for a broad range of tasks, including the day-to-day administration of cybersecurity tools and devices, as well as security information and event management (SIEM) systems. This role will at times contribute significantly to the security related administration aspects of a wide variety of IT systems and services across the university.

Additionally, as legal and regulatory compliance drivers continue to grow in impact and importance, the ISSA’s collaborates frequently with members of the University’s Internal Audit department.

This position interfaces frequently with other colleagues in Hofstra Information Technology Services, Northwell Health Information Technology, peers at other institutions, and third-party systems, software, security, SaaS, and IaaS vendors.

Responsibilities include, but are not limited to:

System Administration and Use
•Administers and uses the various systems, virtual appliances, and physical appliances including SIEM and log management systems used to detect, defend, and defeat breaches of information security. This includes management at the hardware, operating system, and application layers, as well as on network-specific security devices, in accordance with the defined university policies, standards and procedures, as well as with industry best practices and manufacturer guidelines.
•Performs user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures.
•Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
•Evaluates software patches for criticality and, where appropriate, collaborates with colleagues to schedule and apply patches, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
•Performs normal and exceptional processing of user access and change requests for designated systems, escalating such requests when appropriate.

Threat and Vulnerability Detection, Mitigation and Analysis
•Maintains an expert working knowledge of extant vulnerabilities and threats, and monitors security vulnerability information from vendors and third parties.
•Monitors system logs, SIEM tools, service specific threat detection (such as Office 365’s security tools), and network traffic for unusual or suspicious activity. Interprets such activity, reports as appropriate, and takes additional action as necessary.
•Performs threat and vulnerability assessments and various tests including penetration tests, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
•Reports unresolved security exposures, misuse of resources or noncompliance situations using defined escalation processes.
•Locates and repairs security problems and failures.
•Collates security incident and event data to produce monthly exception and management reports.
•Implements or coordinates remediation required by audits or advisory, and document exceptions as necessary

Project, People, and Process Leadership
•Researches, recommends, evaluates and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations.
•Trains and mentors junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
•Develops and maintains documentation for security systems and procedures.
•Investigates and resolves security violations by providing postmortem analysis to illuminate the issues and possible solutions.
•Participates in infrastructure projects to develop, plan and implement specifications for network and distributed system security technologies in support of key information systems
Collaboration and Professional Development
•Participates in cybersecurity working groups
•Maintains, through participation in professional organizations, conferences, and direct training, an expert working knowledge of information security theory and practice.


The expected start date for this position is September 1, 2021.Qualifications:•Bachelor’s degree from an accredited institution required, either (a) in information security, information systems, computer science or other related field, or (b) with sufficient additional coursework and other professional development to demonstrate mastery of the concepts required to successfully meet the requirements of the role.

Preferred Qualifications:
•Two or more years of IT or network security experience
•Additional certifications demonstrating mastery of Information Security principles, such as CISSP, CISM, GSEC, etc.
•Knowledge of cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
•Technical proficiency with security-related systems and applications
•Experience in developing, documenting and maintaining security procedures
•Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts
•Working technical knowledge of LINUX and Windows servers platforms, CISCO and/or HP/Aruba networking
•Strong knowledge of TCP/IP and network administration/protocols
•Strong analytical and problem-solving skills to enable effective security incident and problem resolution
•Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
•Ability to work well under minimal supervision
•Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel
•Strong written and verbal communication skills
•Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience, and build long-term relationships
•Experience in developing, documenting and maintaining security procedures
Application Instructions:For consideration, please send your resume and cover letter with salary requirements to: ITjobs@hofstra.edu. Please indicate "Security Systems Administrator" in the subject line.Voluntary Self-IdentificationAll applicants are invited to complete the three (3) voluntary self-identification formsDeadline:Open until filledDate Posted: 06/17/2021Posting Number: 898872-21