VACANCY ANNOUNCEMENT 

External Security Services Information Security Officer (local title)

SL-5 Supervising Programmer / Analyst (budget title)

SUNY Information Technology Exchange Center (ITEC)
Buffalo State University

The Information Technology Exchange Center (ITEC) is one of several special purpose organizations established by participating institutions to support multi-campus, computer-related, group activities targeted at improving the quality, quantity, and cost-effectiveness of campus-based and University-wide computer services.  In all, ITEC services over 50 campuses.

ITEC is soliciting applications for a External Security Services Information Security Officer.  The following announcement describes the responsibilities and qualifications associated with this position.

Essential Responsibilities:

ITEC’s External Security Services Information Security Officer (ESISO) is part of a team responsible for providing strategic cybersecurity leadership and advisory services to higher education institutions. This role involves assessing, and implementing ITEC security program strategies, policies, and frameworks that align with the unique security needs of universities and colleges. The ESISO will act as a trusted security partner, helping institutions manage cyber risks, ensure regulatory compliance, and safeguard critical academic, research, and administrative data.

The ESISO is a professional advocate for security and advisor to campus management, especially in helping management establish Program priorities and security-serving projects.

The ESISO participates directly in conversations with ITEC and campus senior management and, as needed, carries the insights and concerns of the Team to management. The ESISO is the primary lens for campuses to which they are assigned to help manage new and ongoing risks and security-affecting situations and must be a clear and articulate advocate for what the ESISO sees as needed, communicating in terms and methods that resonate with the business so that executive management can make well informed decisions.

The ESISO must have a good grasp of the current range of matters that the profession, regulations, and standards describe as comprising organizational information security programs in complex organizations in the US. ITEC itself functions within the College of Buffalo, which functions with SUNY, which further functions within New York State government.

With Team leadership and security program management as the primary focus, the role also has a strong project management emphasis. The ESISO must be able to coordinate deliverables to campuses with the Service Delivery Manager for Security Services.

Responsibilities include helping define and oversee approved campus security projects, and working on tasks in such project.

The ESISO assists campuses with security-related incidents. They will help investigate and evaluate security-focused software which promises to be useful to campus security posture and support senior management at the campuses in determining system requirements and capabilities, as well as appropriate hardware and software configurations.

Required Qualifications:

1. Bachelor’s degree in a security, computing, programming, networking or related field, or equivalent years of professional work experience.
2. Demonstrated current and/or previous leadership positions.
3. Demonstrated experience supervising a team.
4. Good presentation skills, interpersonal skills, written and communication skills.
5. This position is designated as a critical or security-sensitive position; therefore, the candidate must successfully complete a criminal history check and be determined to be security position qualified. Candidates are required to self-report convictions.
6. Demonstrated familiarity with security standards including NIST 800-53, 800-171, NIST Cybersecurity Framework (CSF) or equivalents.
7. Experience monitoring and evaluating vulnerability publications from reputable security organizations

Preferred Qualifications:

1. Master’s degree in information security or assurance, such as MSIA
2. Certifications related to Security Operations/Architecture/Engineering: ISC2: CISM, CISSP or SSCP.(CISSP–ISSAP or ISSEPa plus); relevant SANS GIAC series; or others, like PNPT, OSCP, CEH, CISM, CISA, or CySA+
3. Familiarity with Security Tools such as Zeek, Snort, Suricata, Nmap, Metasploit, Wireshark, OpenVAS, Autopsy.
4. Demonstrated familiarity with privacy regulations such as FERPA, PCI, HIPAA and GLBA
5. Working or managerial experience in a large organization, especially higher education.
6. Recent operational or administrative experience with EDR, SIEM, IDS/IPS Systems
7. Experience responding to or advising the response to a security breach, such as notification, chain of custody, guiding forensics, or compliance reporting
8. Familiarity or experience with network hardware e.g. switches, VLANs, routers, and access control lists; Familiarity or experience with network software protocols e.g. TCP/IP, BGP, NFS, iSCSI, QoS, SDN, HTTPS, TLS, etc.
9. Experience in System Administration for Windows servers, vCenter/ESXi, Linux, Hypervisors a plus.
10. Experience with Single-Sign on protocols e.g. SAML2, OpenID, CAS and Multifactor authentication.
11. Cloud provider experience and/or certifications with any of Azure, AWS, Google Cloud.
12. Membership in REN–ISAC, MS-ISAC, or other industry ISAC
13. Familiarity with Banner Student Information Systems or a similar product.
14. Experience with Zero Trust Networks.
15. Experience using enterprise security products (e.g. EDR, IDS/IPS, SIEM systems, firewalls, etc)

Application Procedures:

Buffalo State University and the SUNY Information Technology Exchange Center (ITEC) offer an excellent and challenging working environment with good fringe benefits.

Buffalo State University is an affirmative action/equal opportunity employer and committed to respect for diversity and individual differences.

Salary range is $77,346 -$143,611. Salary will be commensurate with experience and skills.

More than one selection may be made from this vacancy announcement.

The location for this position is in Buffalo, NY. An office location at a New York State or SUNY Institution may be possible.

Application Deadline: 09/17/2025

Apply on-line at: https://jobs.buffalostate.edu/postings/7977