Position Classification Title: Enterprise Sys Sec Admin,Inter
Position Classification Code: M4066
Job Family: Information Technology
Pay Level: 09
Exempt Status: Exempt
This description is intended to describe the general nature of the work being performed. It is not intended to be a complete list of specific duties of any particular position. Duties, responsibilities and bargaining unit eligibility may vary based on the specific tasks assigned to the position.
Purpose of Classification:
Assist in the planning, development and implementation as well as monitor, evaluate and maintain systems and procedures to protect the data systems and databases from unauthorized users. Identifies, reports, and resolves security violations. Participates in communicating security procedures to user departments.
Standard Duties:
Implement, monitor and maintain systems and procedures to protect NMSU data. Identify potential threats and respond to reported security violations. Determine causes of security violations and recommend corrective actions to ensure data security. Implements changes in procedures and systems to enhance data systems security. Provide security advice and guidance to system administrators, network engineers, management and external departments. Collaborate on solutions to mitigate risks and enhance system security. Administers the processes for managing improper use of network services to include copyright violation, SPAM email, etc., Assist in developing security awareness materials, security presentations, and information security training sessions. Participate in physical security projects and develop physical security and safety skill sets. Perform security audits, risk analysis, and application-level vulnerability testing and reviews. Collaborate on solutions to mitigate risks and enhance system security. Assists in implementing cost effective security controls to meet institutional security requirements. Participates in security projects including requirements definition, task planning, research, testing, implementation, and management.
Knowledge, Skills and Abilities:
University and department policies and procedures; principles and practices of organization and administration; principles of supervision, training, and performance evaluation; Common Information security and computer network access technologies. Technical knowledge in implementing data protection and integrity, operating systems and network security, authentication, and security protocols
Short – and long-range planning; problem analysis and resolution; report preparation and presentation; public contact and relations; oral and written communication; strong interpersonal and communication skills to work effectively with a team and other business units.
Develop and maintain effective working relationships; maintain accurate and orderly records; use independent judgment and initiative; analyze and evaluate information; ability to maintain operational computer and network security, firewall administration, virus protection, intrusion detection and prevention, automated security patching, and vulnerability scanning systems; ability to administer information security programs including risk assessments and forensic research, gathering metrics and reporting status. Must be circumspect and act with integrity and discretion.
Minimum Qualifications:
   Education- Bachelor’s degree in a related field.
   Experience- One year related experience required.
   Equivalency- None
   Departmental Requirements-
   Special Requirements-