 | NEW MEXICO STATE UNIVERSITY |
HUMAN RESOURCES SERVICES | |
POSITION CLASSIFICATION DESCRIPTION | |
| Position Classification Title: | Enterprise Sys Sec Admin,Ld |
| Position Classification Code: | M4059 |
| Job Family: | Information Technology |
| Pay Level: | 09 |
| Exempt Status: | Exempt |
| This description is intended to describe the general nature of the work being performed. It is not intended to be a complete list of specific duties of any particular position. Duties, responsibilities and bargaining unit eligibility may vary based on the specific tasks assigned to the position. | |
| Purpose of Classification: | |
| Plan, develop and implement security strategy and infrastructure in coordination with CISO, Central IT and Manager. Monitors, evaluates and maintains systems and procedures to protect the data systems and databases from unauthorized users. Identifies, reports, and resolves security violations. Participates in communicating security procedures to user departments. Mentor junior information security staff and may supervise employees. | |
| Standard Duties: | |
| Perform in-depth, professional level IT investigations for the institution. Must possess extensive knowledge of various systems and software for data cloning and data examination, as well as knowledge of chain of custody and evidence handling procedures. May be required to give formal testimony. Plan, develop, implement and evaluate systems and procedures to protect NMSU data. Identify potential threats and respond to reported security violations. Determine causes of security violations and recommend corrective actions to ensure data security. Researches, recommends, and implements changes in procedures and systems to enhance data systems security. Provide security advice and guidance to system administrators, network engineers, management and external departments. Collaborate on solutions to mitigate risks and enhance system security. Lead security projects including requirements definition, task planning, research, testing, implantation, and management. Oversees the processes for managing improper use of network services to include copyright violation, SPAM email, etc., Assist in developing security awareness materials, security presentations, and information security training sessions. | |
| Knowledge, Skills and Abilities: | |
| Experienced in the management of both physical and logical information security systems. Extensive knowledge of computer systems, networks, and all associated hardware, software, techniques and associated protocols, including encryption, Virtual Private Networks and associated secure transmission technologies. Knowledge of the Internet, intranet and extranet technologies and applications. | |
| Strong analytical and critical thinking skills and the ability to analyze, summarize, and effectively present data. Strong interpersonal and communication skills and the ability to effectively work and coordinate with a wide range of individuals and constituencies in a diverse community. Strong verbal and written communication skills and the ability to present information effectively to groups. | |
| Ability to facilitate diverse disciplines and personnel with disparate technical backgrounds. Ability to participate with upper management in a decision support mode through the development of appropriate management information. Ability to weigh business risks and enforce appropriate information security measures. Ability to work independently. | |
| Minimum Qualifications: | |
| Education- Bachelor's degree in a related field. | |
| Experience- Five (5) years of experience directly related to the standard duties as outlined. | |
| Equivalency- None | |
| Certifications/License- | |
| Departmental Requirements- | |
| Special Requirements- | |