Job Information

CUNY IT Security Officer (IT Senior Associate, Level 1 - Provisional) in New York, New York

Job Title: IT Security Officer (IT Senior Associate, Level 1 - Provisional)

Job ID: 20349

Location: Graduate Center

Regular/Temporary: Regular


I.T. Senior Associates perform highly complex professional work in technology-related disciplines. While areas of specialization vary, typically I.T. Senior Associates perform a range of work in development/programming, communications, technical support, or similar functions depending on the needs of the Information Technology area to which they report. Work tasks include diagnosing, evaluating, overseeing and resolving highly complex projects. They have wide latitude for independent initiative and judgment and may serve in lead roles on complex programs or projects, and/or serve as a direct supervisor of a unit or group.

I.T. Senior Associates should demonstrate mastery of one or more technology-related disciplines, decision-making ability in situations related to those disciplines, and be able to serve as a resource in these areas. They may contribute to decisions on I.T. policies and technical standards.

This job is in CUNY's Classified Civil Service. The full specification is available on our web site at


IT Senior Associate




The Graduate Center, CUNY is the focal point for advanced teaching and research at The City University of New York (CUNY), the nation's largest urban public university. With over 35 doctoral and master’s programs of the highest caliber, the Graduate Center fosters pioneering research and scholarship in the arts and sciences and prepares students for careers in universities and the private, nonprofit, and government sectors. The Graduate Center’s commitment to research and scholarship for the public good is exemplified by its more than 30 centers, institutes, and initiatives, including its Advanced Science Research Center (ASRC), a 200,000 square-foot facility in upper Manhattan, designed to promote collaboration among scientists in five areas of global research and innovation: nanoscience, photonics, structural biology, neuroscience, and environmental sciences.

The Graduate Center (GC) benefits from highly ambitious and diverse students and alumni—who in turn teach hundreds of thousands of undergraduates every year. Through its public programs, the Graduate Center enhances New York City’s intellectual and cultural life.

Information Technology (IT) is the division of the Graduate Center responsible for media, voice, video, and data systems and services. The mission of this unit is to promote, facilitate, and support the effective use of technology in the learning process, in instruction and research, and in processing and accessing institutional information.

The IT Security Officer is responsible for implementing appropriate controls to safeguard the Graduate Center’s information, systems and networks while adhering to CUNY information security policies and procedures. This position monitors threat advisory reports from cybersecurity agencies and services and provide early warning of potential threats to networks and/or systems; develops information security incident response procedures and coordinates incident investigations with GC leaders, CUNY CIS and other appropriate agencies.

Reporting directly to the IT Director of Systems Services, the IT Security Officer provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of the Graduate Center’s electronic information by communicating risk, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements.

Duties include, but are not limited to:

  • Provides security technology leadership to technology project teams.

  • Keeps abreast of the latest developments in the field of information security, computing, and networking technology and makes security technology recommendations; engages in self-directed professional development including through reading, fostering professional contacts with colleagues, attending professional development courses, trainings, and conferences, taking courses as directed by the supervisor, and obtaining certifications relevant to job duties.

  • Defines, implements, and manages incident response processes.

  • Establishes and operates an ongoing vulnerability threat assessment program and works with teams to remediate vulnerabilities; identifies, monitors, and reports assets attached to the network that are at risk, overseeing action plans to ensure risks are mitigated.

  • Oversees and coordinates penetration testing as well as system and configuration hardening activities; collects and protects evidence and participates in forensic investigations.

  • Directs tactical security technology decisions (including go/no-go decisions on technology changes that affect security) and incorporates effective change and risk management controls.

  • Researches, prototypes, tests, and evaluates security technology new to the organization.

  • Ensures vulnerabilities are managed by directing periodic vulnerability scans of devices connected to the Graduate Center’s networks.

  • Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with both the University’s and Graduate Center’s goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.

  • Evaluates security incidents and determines what response, if any, is needed and coordinates responses, including deploying technical incident response teams, when sensitive information is breached.

  • Reports to GC IT management on the state of information security risks and compliance.

  • Performs other duties as assigned.


  1. High School Diploma, G.E.D., or equivalent

  2. An equivalent of ten years of experience post-high school that can be met by one of the following: ten years of full-time work experience in a computer or technology related position; an Associate's degree plus eight years of full-time work experience in a computer or technology-related position; or a Bachelor's degree from an accredited institution plus six years of full-time work experience in a computer or technology-related position

  3. Demonstrated English Language proficiency

  4. A Motor Vehicle Driver's license, valid in New York State, may be required for some, but not all positions.

This title has three levels. In addition to the minimum qualifications above, To qualify for Levels 2 and 3, additional qualifications, such as education, experience, or certification relevant to the area of specialization are required.


A preferred candidate should have:

  • Three (3) to six (6) years of Information Security experience, including knowledge and experience with vulnerability assessment and forensic tools and techniques.

  • Three (3) to six (6) years of project management experience; ability to manage multiple concurrent projects and to reason analytically.

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.

  • Current information security certification, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other relevant certifications.

  • Demonstrated knowledge of relevant legal and regulatory requirements for Payment Card Industry/Data Security Standard, PCI compliance, HIPPA, and FERPA guidelines.

  • Ability to maintain confidentiality in regard to information processed, stored, or accessed by the systems.

  • Ability to work with and train people who have different levels of technical knowledge.

  • Ability to work successfully as part of a team and to lead when needed.

  • Ability to take initiative and use sound judgment to solve problems.

  • High level of personal integrity.

  • Excellent written and oral communications skills.




CUNY offers a comprehensive benefits package to employees and eligible dependents based on job title and classification. Employees are also offered pension and Tax-Deferred Savings Plans. Part-time employees must meet a weekly or semester work hour criteria to be eligible for health benefits. Health benefits are also extended to retirees who meet the eligibility criteria.


To apply, go to, access the employment page, log in or create a new user account, and search for this vacancy using the Job ID or Title. Select "Apply Now" and provide the requested information.


Open until filled with review of applications to begin on April 8, 2019


Click on "Apply Now" below which will bring you to the registration screen. If you are a new user, you must register to apply. If you already have a user ID, please use your existing ID to apply. Make sure to upload a cover letter, resume, and contact information for three (3) professional references (name, title, organization, phone number, and email). Please upload all documents in Word or PDF format as one file.


CUNY Job Posting: Information Technology/Technical


CUNY encourages people with disabilities, minorities, veterans and women to apply. At CUNY, Italian Americans are also included among our protected groups. Applicants and employees will not be discriminated against on the basis of any legally protected category, including sexual orientation or gender identity. EEO/AA/Vet/Disability Employer.