The mission of Information Technology and Telecommunication Services is to explore, implement, maintain, and support the uses of technology to effectively and efficiently achieve the University’s academic and administrative objectives as stated in University’s strategic plan.
Primary Purpose of the Position: The IT Security Professional provides technical implementations and daily monitoring of the university’s complex IT environment in accordance with best practices and standards such as NIST 800-171, NIST 800-53, PCIDSS (Payment Card Industry Data Security Standards), DMCA, FERPA, GLBA, HIPAA, etc. Responsibilities include security reviews, risk assessments, risk management, policy standards and guidelines, security awareness and training, audit coordination and project management. Specifically, the Security Professional reviews, coordinates and monitors information technology security controls that protect confidentiality, integrity and availability of the organization’s controlled secure research data in accordance with legal, regulatory and institutional requirements. The Security Professional is responsible for ensuring that users with access to secure research data receive appropriate training. The Security Professional consults with faculty, college/unit IT staff, applicable ITS staff, Office of Sponsored Research Staff, and other subject matter experts to ensure technology solutions and compliance standards are in line with contract requirements.
Duties & Responsibilities: Reporting to the Chief Information Security Officer (CISO), the main responsibilities of this position center on providing technical expertise and leadership in driving FSU’s IT Security team initiatives, processes and day-to-day functions for ensuring/improving the overall cyber security posture for the University. The position functions in a high-level technical capacity which includes developing, implementing, supporting, and providing technical consultation on security issues. The position mentors other personnel and functions as subject matter expert for complex cyber security related solutions. The IT Security Professional III advises and provides recommendations to the CISO on the planning, development, execution, monitoring, and evaluation of cyber security strategies, policies, procedures, and standards to ensure the confidentiality, integrity, and availability of university IT resources and data. his position will provide expert level support in assisting team members as well as other support teams and university users with identifying, addressing and/or resolving complex security related issues concerning endpoints, servers, applications, information systems, network infrastructure, and physical security. This position is responsible for knowledge of various security systems and technologies that are associated with incident response management; system audits; and identifying and remediating potential security issues. This includes but is not limited to analysis of the output of security alerting tools, development and execution of plans to remediate issues; coordinate and collaborate with ITS teams and external departments to ensure their systems meet the required security standards set in place for the university; research and stay current on security technologies, trends, issues, threats and solutions; and assist the CISO with the development of security practices for the university, while recommending appropriate security initiatives. Proactively assesses the implications of vulnerabilities on the network and potential risk to IT systems and data. Analyzes information obtained from intrusion detection and prevention systems and works with security protocols and standards including recommended blocks to apply. Integral to this position is maintaining broad knowledge of industry standards and best practice security frameworks including ISO 27002, NIST, and CIS 20.
Vulnerability Management This position functions in a high-level technical capacity and facilitates and manages the identification and remediation of vulnerabilities. Of particular emphasis is overseeing the university’s vulnerability management processes for servers, working with the Systems team to provide technical oversight of campus-wide vulnerability management goals, while steering system administrators toward re-mediating issues. Oversees and/or performs vulnerability scanning using vulnerability assessment tools. The position provides analysis on which vulnerabilities may potentially be exploited, especially in a higher education IT environment. Ensures that proper documentation is in place regarding configuration of the vulnerability management system, record of systems monitored, and contact information for system or application administrators. Is involved in the evaluation of vulnerabilities and threats and to determine and recommend safeguards for system or application owners. Is involved in the development of corrective plans, mitigation’s, and full remediation actions. Understands and communicates attack chains to management and other stakeholders.
SIEM Management This position is responsible for overseeing the monitoring, detection, and analysis of security events from logs and alerts generated by critical IT assets such as network devices and applications sent to tools such as a Security Information and Event Management (SIEM) solution. Provides expertise and leadership to utilize threat intelligence and reporting capabilities to analyze data from multiple feeds to better detect and respond to cyber-attacks and decrease risk to assets or data.
Digital Forensics This position is responsible for overseeing and/or performing as a technical resource for digital forensic investigations. Evaluates, manages and maintains digital investigation resources. Assists Internal Audit with the use and integration of the solution within their investigation workflow. Assists or may be requested to assist in investigations as requested by forensically preserving and analyzing digital evidence and presenting the findings in an objective manner.
Security Incident Response This position is responsible for overseeing and performing as a part of the core security incident response team. Responsible for ensuring that security incident standard operating procedures are consistently followed while maintaining procedures and process documents so that they’re revised if necessary and kept up-to-date. Oversees the progress of investigations pertaining to security incidents, ensures quality control for security incident report documentation. Conducts access control reviews for incident response document repositories containing data pertaining to security incidents or vulnerabilities. This position advises the CISO on any recommended changes to incident responses plans or processes.
Employees are required to adjust their standard work schedule to meet the requirements of their position, which includes and is not limited to evening and weekend hours to perform scheduled and unscheduled workload requirements to manage cyber security priorities.
Duties require On-Call responsibilities. Position required to work during periods of adverse weather or other emergencies.
Minimum Education And Experience Requirements: Master’s degree and 2-4 years’ experience; or a bachelor’s degree and 3-5 years’ experience; and at least 1 year of supervisory experience: or an equivalent combination of education and experience. All degrees must be received from appropriately accredited institutions.
Preferred Qualifications: Degree in Computer Science, Information and Computer Technology, Information Security, or related area from an appropriately accredited institution, and four or more years of experience with cyber security activities such as SIEM monitoring and reporting, vulnerability management, incident response, monitoring and analysis of security related activities within an IPS/IDS solution, system administration, or related duties.