Information Security Engineer

Job Location(s) US-NY-Old Westbury
Posted Date 2 months ago(8/6/2020 1:27 PM)
Job ID
# of Openings
Position Type
Regular Full-Time
Information Technology


New York Institute of Technology offers 90 undergraduate, graduate, and professional degree programs in more than 50 fields of study, including computer science, data, and cybersecurity; biology and biomedical studies; architecture and design; engineering; health professions and medicine; IT and digital technologies; management; communications and marketing; education and counseling; and energy and sustainability. A nonprofit, independent, private, and nonsectarian institute of higher education, it welcomes more than 9,000 students worldwide. The university has campuses in New York City and Long Island, New York; Jonesboro, Arkansas; and Vancouver, British Columbia, as well as programs around the world.


New York Tech embraces its mission to provide career-oriented professional education, give all qualified students access to opportunity, and support research and scholarship that benefits the larger world. More than 100,000 alumni comprise an engaged network of doers, makers, and innovators prepared change the world, solve 21st-century challenges, and reinvent the future.


For more information, visit



The Information Security Engineer is a trusted resource who identifies information security risks as well as define, implement, and maintain mitigating technical controls. They must ensure compliance with University information security policies and enforce implementation of the University’s security architecture. This includes the auditing and safeguarding of computer systems and data/networking components, oversight of security configuration and monitoring, and application security assessments and vulnerability scans.


Major Responsibilities

  • Serve as the University’s Subject Matter Expert (SME) on information security tools, techniques, and processes; assist peers to configure and deploy applications and systems in a secure manner.
  • Design, implement, and maintain security applications and infrastructure to support University policies as well as federal and state security/data privacy regulations.
  • Analyze information across systems and networks to identify and respond to potential security incidents and data breaches; participate in incident response and recovery activities as required.
  • Serve as technical lead on security projects; administer security-related infrastructure and applications such as SIEM tools, vulnerability scanning/management, NGFW, email sanitation tools, MFA, and other security-related infrastructure; suggest, implement, and maintain new technologies as required to support the ever-changing security landscape.
  • Plan and conduct infrastructure security assessments and vulnerability scans of all layers of the information technology ecosystem including networking, servers, operating systems, databases and applications; analyze findings for system owners.
  • Participate in external professional organizations that are relevant to the objectives of NYIT’s information security program such as EDUCAUSE, REN-ISAC, SANS, etc; provide reports and presentations on the status of security controls and security industry trends/technologies to ITS management.
  • Monitor ITS’s business continuity and disaster recovery program and validate against industry best practices; routinely review, test, and improve program.
  • Collaborate with Information Privacy and Compliance Analyst to conduct information security threat modeling exercises, risk assessments, and workshops.
  • Monitor and advise on information security issues related to applications, information systems, and data assets to ensure internal security controls for the University are appropriate and operating as intended.
  • Stay abreast of latest security technologies; maintain a strong knowledge base of industry and technology trends that help the support the information security requirements of the University.
  • Other duties as assigned.



  • BS in computer science, engineering, or other technical discipline plus a minimum of 4 years of experience working in information technology, security, or risk management. CISSP or equivalent certification is preferred. Comparable success and work experience may be considered in lieu of degree requirement. Experience in a higher education environment preferred.
  • Strong analytical skills and ability to translate University business needs and information security compliance requirements into supporting enterprise-wide data security standards.
  • Familiarity and experience with information security standards (e.g., NIST 800-53, ISO 27001/2, etc.), rules and regulations related to information security and data privacy (e.g., MA 201 CMR 17, FERPA, HIPAA, PCI, GDPR etc.); working knowledge of desktop, server, application, database, and network security principles and best practices for risk identification, management, and analysis.
  • In depth knowledge of vulnerability management and exploit analysis tools, networking technologies, common protocols, services and related security issues required; experience with Data Loss Prevention, Identity Management, IPS/IDS, NGFW, MFA, and SIEM solutions as well as experience documenting technical standards and operational policies required; experience with cloud and data center security also desired.
  • Demonstrated passion for problem solving; strong project management skills and the proven ability to build trust and work well with all levels of management and technical staff are required.
  • Able to communicate effectively with people at varying levels of technical fluency including the ability to explain and document complex technical issues in a way that non-technical people may understand; the ability to establish collaborative working relationships at all contact levels of the University; the ability to communicate progress/challenges to appropriate personnel effectively.
  • A demonstrated understanding of business operations, information technology and data security as it relates to monitoring, maintaining and implementing data security policies, standards, and guidelines.
  • Team player with excellent consulting skills and a fun, but professional presence required.
  • Excellent customer service skills; a high degree of integrity relative to data security and confidentiality of information required.
  • Ability to work nights and weekends on an as-needed basis is required.








 Please submit cover letter & resume for consideration




New York Institute of Technology is an Equal Opportunity Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed