NYU Job Posting: Security Awareness Specialist

[Brian J Smith-Sweeney <bsmithsweeney () NYU EDU>]

Hello all,

NYU is currently seeking a Technology Security Awareness Specialist
with our Technology Security Services group (TSS).   The official job
description can be found at:

https://www.nyucareers.com/applicants/jsp/shared/position/JobDetails_css.jsp?postingId=197727

Below is a less formal/official summary of what we do and what we're
looking for.  If this looks interesting to you, please submit an
application, as well letting us know you've applied by sending email
to security () nyu edu with your resume attached.  Please note that I am
recruiting on behalf of Jane DelFavero, the Director of Technology
Security Services, who is the hiring manager for this position.

For the Awareness Specialist position we'd love to see a candidate
with security and/or strong IT experience, as well as experience
teaching or otherwise working with clients to present IT information
in an understandable way. We value smart, dedicated people over
experience - see "INFORMAL QUALIFICATIONS" below. So don't let a lack
of experience keep you from applying! However, if you expect this to
be a highly technical, operations-based job, then this is not the
position for you.

The starting salary is based on experience, and is highly competitive
with other higher-ed technology positions. NYU ITS has a strong record
of internal advancement, and offers excellent educational, health,
retirement, and work/life benefits.

New York University's main campus is located in the heart of Greenwich
Village in New York City, offering a wide array of social, artistic,
and professional opportunities. We are the largest private University
in the country, with over 38,000 full-time students, and one of the
largest employers in New York City, with over 16,000 employees.


INFORMAL QUALIFICATIONS
=======================
* Critical Thinking: We need geeks. We need people who are willing and
able to wade through technical security jargon and think “how can I
make this understandable to the typical person?”.   And we need people
who can help clients change learned bad behaviors.

* Social Engineering: Security Awareness is an inherently social
position. This person is the public face of Security at NYU, and as
such, you must be able to communicate effectively in any medium -
written, spoken, etc. - and be able to speak confidently in front of a
group.  You need to have a sense of which topics should be handled in
writing, which should  be handled remotely, and which benefit from
live, face-to-face interaction.

* Team Fit: This isn't something you can get a feel for until you come
meet us, but as a heads-up, we value team cohesion pretty strongly. We
share a lot of information internally and bounce lots of ideas off
each other. Everyone except the Director and Assistant Director sits
in a bullpen. Isolationists need not apply.

* Security Background: While we’d love to see some experience with
policy or security operations, it’s more important that you show an
understanding of those areas. You need to be able to draw conclusions
out of technical discussions and translate hot-button issues to
workable education plans

* Big Picture Thinking: You need to be able to look at our operations,
and see how the pieces fit together. What training is needed to
prevent common mistakes? What documentation would help clients avoid
compromise?

* General IT Background:  Some portion of the target audience for our
training are IT professionals and a good general IT background will
help greatly in communicating with that audience.  That background
will also aid in understanding some of the practical implications of
our security advice.

 * Innovation: We would love to see a candidate with new ideas and
techniques for improving the state of Security Awareness.    Anyone
can writeup a checklist; we're looking for someone that can drive home
a message.

AREAS OF RESPONSIBILITY
=======================
Primary responsibility: Securing the user is as important as securing
the system. We have an active education and awareness program designed
to keep students, staff, and faculty aware of changes in threat and
compliance landscape, their obligations as a member of the community,
and advice on how best to meet those obligations.

In addition TSS as a group covers the following areas. Depending on an
applicant’s skills, there may be work assigned in these disciplines as
well.

* Threat assessment
* Policy and Compliance
* Security Consulting
* Security Operations
* Forensic Analysis
* System Engineering
* Enterprise Initiatives

As always, please feel free to contact me with any questions.

Cheers,
Brian

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Brian Smith-Sweeney                                     Assistant Director
ITS Technology Security Services, New York University
http://www.nyu.edu/its/security
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~