SUMMARY
Under the direction of the Information Security Officer and IRT management, this position will provide a well-rounded security skill set for the Rowan University community. This individual will take part in all aspects of operational and project duties of the Information Security Office including handling end user tickets from faculty, staff, students, and internal department personnel. This position will act as the lead on efforts related to security and take part in projects related to cloud security, risk assessment, penetration testing and audit, compliance efforts, etc. This individual will also be a member of the Rowan Incident Response Team. This position is community-facing and requires excellent communication, organization, and customer service skills.

As a member of the Information Security Office, this individual will assist in assessing, implementing, and supporting security solutions across all areas of information security. This includes the design and implementation of policies and processes, working with vendors,
managing technical security solutions, and focusing on various topics related to industry security standards and regulations (NIST, FERPA, HIPAA, PCI, etc.). The work supports organizational security, compliance, and quality goals and objectives for the University.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Management of and validating compliance with Information Security Office technical security practices, including processes for system hardening, governing endpoint detection, data loss prevention, etc. Work with internal IRT departments and business units to ensure compliance with Rowan policies and processes as well as industry best practices Work with other team members on various security-related projects to support new solutions in the Rowan computing environment Work with internal and external customers to identify risks and provide solutions fo security vulnerabilities Handle customer requests requiring ISO approval (e.g., non-standard workstation requests and VPN access requests, affiliate requests, etc.) Take part in the Rowan IRT risk management process to review scans of the Rowan infrastructure and assess risk profiles Take an active role in the Rowan Incident Response Team Engage with other team members to write, provide input on, and implement policies, standards, procedures, and guidelines in accordance with industry best practices Conduct information security assessments of Third-Party Vendors to determine their ability to protect confidential data. Assist with reviewing vendor solutions and service security evaluations for alignment with security best practices & regulatory compliance Monitor open vendor security issues and remediation actions associated with security control gaps to ensure timely closure Willingness to obtain industry standard cybersecurity certifications Willingness to sign and adhere to a non-disclosure agreement Other duties as assigned

QUALIFICATIONS

A career-level interest in cybersecurity is required Excellent customer service and communication skills are an absolute requirement for this position Strong understanding of security administration and configuration including enterprise-
wide management Understanding of system hardening practices, antivirus/antimalware controls and other
endpoint and server protection solutions Understanding of network communications and protocols Understanding of secure network architecture and related topics strongly preferred Knowledge of general information security topics Incident response and management experience preferred. Project management, time management and organization skills Ability to adapt quickly and work equally well independently and in a team environment Ability to meet assigned deadlines, juggle multiple priorities, design project plans, and provide project updates Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.

EDUCATION AND EXPERIENCE

Bachelor’s Degree in Computer Science or equivalent preferred Minimum 3 years information technology experience including increasing levels of responsibility required Minimum 3 years information technology experience in large scale environment preferred Minimum 2 years experience to include work in areas of cyber security preferred Additional professional experience may be substituted for the degree on a year-for-year basis