Description

  • Communicates institution-specific and industry best practices around IT security standards to internal technical leads, and external technology solution developers, partners, and providers.
  • Analyzes data generated during application security and vulnerability assessments, vulnerability scans, and penetration testing and creates reports to summarize risks, vulnerabilities, and remediation strategies based on common standards and frameworks.
  • Provides mitigation and remediation suggestions, as appropriate.
  • Supports digital transformation including appropriate automation, cloud migration, stakeholder empowerment, and distributed, but effective security practices.
  • Supports senior and lead security engineers in completing application security and, vulnerability assessments, penetration testing, and risk analyses using industry standard tools, both commercial and open source.
  • Effectively delivers these reports to technical and non-technical staff, engineers, developers, and managers. Supports senior and lead security engineers in delivering reports at the director, associate vice-presidential, and vice-presidential levels.
  • Supports senior and lead security engineers by contributing recommendations on operational aspects of security vulnerability and risk assessments for current technical solutions, transition or emerging solutions and in evaluating changes to systems and services (change management) for both on-premise and cloud solutions.
  • Supports senior and lead security engineers in maintaining IT security tool and capability portfolio through engaged lifecycle management of hardware and software solutions, vendor management and budget planning activities (researching and drafting business cases in a zero-based budget environment) as requested.
  • Contributes to the identification, creation, and documentation of security processes, network security standards and procedures for both internal runbooks as well as university wide communications and awareness.
  • Acts as an escalation point for and collaborates with peers throughout the institution on technical security matters.
  • Participates in IT projects across the university.
  • Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position

Key Skills
Education

Any Gradute

Back To Jobs