Assistant Director of Application and System Security
FORDHAM University, New York, New York, us, 10261
Assistant Director of Application and System Security
Founded in 1841, Fordham is the Jesuit University of New York, offering an exceptional education distinguished by the Jesuit tradition to more than 16,000 students in its nine colleges and schools. It has residential campuses in the Bronx and Manhattan, a campus in West Harrison, N.Y., the Louis Calder Center Biological Field Station in Armonk, N.Y., and the London Centre in the United Kingdom. The University offers a comprehensive benefits package that includes medical, dental, and vision insurance; flexible spending accounts; retirement plans; life insurance; short and long-term disability; employee assistance program (EAP); tuition remission; and generous time off. Successful candidates should have a knowledge of and commitment to the goals of Jesuit Education.
Responsibilities and Position Summary Title of Position: Assistant Director of Application and System Security. Reporting to the Senior Director of DevOps Planning, the Assistant Director of Application and System Security is responsible for the daily management, execution and supervision of security operations for applications and systems, both on-premises and in the Cloud. This position is responsible for installing, configuring and turning over for operational support, technologies intended to keep university resources safe and secure. This role ensures that security principles are practically applied during the configuration of systems and throughout the development and deployment of web applications. The Assistant Director works directly with application and engineering teams to implement solutions that address current and potential security threats. Key responsibilities include coordinating system configuration management, supporting and enforcing the secure Software Development Life Cycle (SDLC) program, and scheduling regular audits, assessments, penetration tests, and vulnerability scans.
Essential Functions
Executes application and system security strategies defined by leadership to enhance the adoption of new technologies and assists in analyzing their impact on the university community.
Monitors system configurations to ensure security and compliance, ensuring security protocols are followed during the development and deployment of servers and web applications.
Supervises the daily security operations of systems and applications in both Cloud and On-Prem environments.
Collaborates directly with application and engineering teams to implement safeguards against existing and emerging security threats.
Coordinates and performs vulnerability scanning of applications to detect issues and assists in leading penetration testing initiatives to identify vulnerabilities.
Supports the maintenance and execution of a secure Software Development Life Cycle (SDLC) program.
Conducts periodic audits and assessments for system and application security under the guidance of management directives.
Collaborates with development teams to integrate security controls into enterprise applications, student systems, learning management systems, and research platforms.
Essential Functions Note This list is not intended to be an exhaustive list. The University may assign additional related duties as necessary.
Management Responsibilities Guides work of other employees who perform essentially the same work and/or student workers. Organizes, sets priorities, schedules and reviews work, but is generally not responsible for final decisions in hiring, performance management or compensation.
Additional Functions
Delivers training plans and materials to staff to ensure success of initiatives and to manage security risks and issues.
Maintains working relationships with university departments, external partners and vendors.
Implements practical solutions to resolve security challenges.
Adapts daily workflows in response to the evolving cybersecurity landscape.
Supports the negotiation process with vendors and partners to achieve security outcomes.
Maintains awareness of the latest cybersecurity trends, threats, and technologies.
Upholds high ethical standards and integrity in all cybersecurity practices.
Required Qualifications: Education and Experience Bachelor’s degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience.
Required Qualifications: Knowledge and Skills
Working knowledge of authoritative standards, guidelines, and best practices in information security.
Experience participating in or coordinating Attack and Penetration assessments and reviews.
Familiarity with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework.
Experience working within a highly automated SSDLC program.
Ability to apply Threat Modeling practices within the product lifecycle.
Experience in implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment.
Strong verbal and written communication skills with the ability to collaborate effectively across teams.
Strong analytical and problem-solving abilities.
Good organizational and time management skills.
Ability to balance security with academic and operational needs.
Preferred Qualifications
1-2 years of experience in an information security position.
Experience in security or technology administration within a Higher Education setting.
Previous hands-on experience in roles such as network, server, database, or application administration.
Familiarity with Project Management tools, such as Microsoft Project.
Possession of or ability to obtain relevant information security certifications (e.g., SSCP, GSEC, CISSP, or CISM).
Salary and Benefits Minimum Starting Salary: 104,000
Maximum Starting Salary: 130,000
Note: Salary is commensurate with qualifications, experience, and skills.
Additional Details Is this a Union position? No
Posting Number: A1012P
Number of Vacancies: 1
Start Date: ASAP
Posting Date: 01/25/2026
Equal Employment Opportunity (EEO) Fordham University is committed to excellence and welcomes candidates of all backgrounds. Fordham University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Physical Activity and Work Environment Physical Activity and Work Environment details are listed on the original posting and have been omitted here to maintain a clean, readable format.
Documents Needed to Apply Required Documents
Resume
Cover Letter
Optional Documents
Supplemental questions Required fields are indicated with an asterisk (*).
Do you have a Bachelor's Degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience?
Yes
No
Do you have experience participating in or coordinating Attack and Penetration assessments and reviews?
Yes
No
Are you familiar with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework?
Yes
No
Do you have experience working within a highly automated SSDLC program?
Yes
No
Do you have the ability to apply Threat Modeling practices within the product lifecycle?
Yes
No
Do you have experience implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment?
Yes
No
#J-18808-Ljbffr
Founded in 1841, Fordham is the Jesuit University of New York, offering an exceptional education distinguished by the Jesuit tradition to more than 16,000 students in its nine colleges and schools. It has residential campuses in the Bronx and Manhattan, a campus in West Harrison, N.Y., the Louis Calder Center Biological Field Station in Armonk, N.Y., and the London Centre in the United Kingdom. The University offers a comprehensive benefits package that includes medical, dental, and vision insurance; flexible spending accounts; retirement plans; life insurance; short and long-term disability; employee assistance program (EAP); tuition remission; and generous time off. Successful candidates should have a knowledge of and commitment to the goals of Jesuit Education.
Responsibilities and Position Summary Title of Position: Assistant Director of Application and System Security. Reporting to the Senior Director of DevOps Planning, the Assistant Director of Application and System Security is responsible for the daily management, execution and supervision of security operations for applications and systems, both on-premises and in the Cloud. This position is responsible for installing, configuring and turning over for operational support, technologies intended to keep university resources safe and secure. This role ensures that security principles are practically applied during the configuration of systems and throughout the development and deployment of web applications. The Assistant Director works directly with application and engineering teams to implement solutions that address current and potential security threats. Key responsibilities include coordinating system configuration management, supporting and enforcing the secure Software Development Life Cycle (SDLC) program, and scheduling regular audits, assessments, penetration tests, and vulnerability scans.
Essential Functions
Executes application and system security strategies defined by leadership to enhance the adoption of new technologies and assists in analyzing their impact on the university community.
Monitors system configurations to ensure security and compliance, ensuring security protocols are followed during the development and deployment of servers and web applications.
Supervises the daily security operations of systems and applications in both Cloud and On-Prem environments.
Collaborates directly with application and engineering teams to implement safeguards against existing and emerging security threats.
Coordinates and performs vulnerability scanning of applications to detect issues and assists in leading penetration testing initiatives to identify vulnerabilities.
Supports the maintenance and execution of a secure Software Development Life Cycle (SDLC) program.
Conducts periodic audits and assessments for system and application security under the guidance of management directives.
Collaborates with development teams to integrate security controls into enterprise applications, student systems, learning management systems, and research platforms.
Essential Functions Note This list is not intended to be an exhaustive list. The University may assign additional related duties as necessary.
Management Responsibilities Guides work of other employees who perform essentially the same work and/or student workers. Organizes, sets priorities, schedules and reviews work, but is generally not responsible for final decisions in hiring, performance management or compensation.
Additional Functions
Delivers training plans and materials to staff to ensure success of initiatives and to manage security risks and issues.
Maintains working relationships with university departments, external partners and vendors.
Implements practical solutions to resolve security challenges.
Adapts daily workflows in response to the evolving cybersecurity landscape.
Supports the negotiation process with vendors and partners to achieve security outcomes.
Maintains awareness of the latest cybersecurity trends, threats, and technologies.
Upholds high ethical standards and integrity in all cybersecurity practices.
Required Qualifications: Education and Experience Bachelor’s degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience.
Required Qualifications: Knowledge and Skills
Working knowledge of authoritative standards, guidelines, and best practices in information security.
Experience participating in or coordinating Attack and Penetration assessments and reviews.
Familiarity with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework.
Experience working within a highly automated SSDLC program.
Ability to apply Threat Modeling practices within the product lifecycle.
Experience in implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment.
Strong verbal and written communication skills with the ability to collaborate effectively across teams.
Strong analytical and problem-solving abilities.
Good organizational and time management skills.
Ability to balance security with academic and operational needs.
Preferred Qualifications
1-2 years of experience in an information security position.
Experience in security or technology administration within a Higher Education setting.
Previous hands-on experience in roles such as network, server, database, or application administration.
Familiarity with Project Management tools, such as Microsoft Project.
Possession of or ability to obtain relevant information security certifications (e.g., SSCP, GSEC, CISSP, or CISM).
Salary and Benefits Minimum Starting Salary: 104,000
Maximum Starting Salary: 130,000
Note: Salary is commensurate with qualifications, experience, and skills.
Additional Details Is this a Union position? No
Posting Number: A1012P
Number of Vacancies: 1
Start Date: ASAP
Posting Date: 01/25/2026
Equal Employment Opportunity (EEO) Fordham University is committed to excellence and welcomes candidates of all backgrounds. Fordham University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Physical Activity and Work Environment Physical Activity and Work Environment details are listed on the original posting and have been omitted here to maintain a clean, readable format.
Documents Needed to Apply Required Documents
Resume
Cover Letter
Optional Documents
Supplemental questions Required fields are indicated with an asterisk (*).
Do you have a Bachelor's Degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience?
Yes
No
Do you have experience participating in or coordinating Attack and Penetration assessments and reviews?
Yes
No
Are you familiar with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework?
Yes
No
Do you have experience working within a highly automated SSDLC program?
Yes
No
Do you have the ability to apply Threat Modeling practices within the product lifecycle?
Yes
No
Do you have experience implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment?
Yes
No
#J-18808-Ljbffr