MINIMUM QUALIFICATIONS

1. A baccalaureate degree in computer science, engineering or a related field from an accredited college or university and five (5) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions; or
2. A baccalaureate degree from an accredited college or university and six (6) years of satisfactory full-time experience as described in “1” above; or
3. A high school diploma or its educational equivalent and ten (10) years of satisfactory full-time experience as described in “1” above; or
4. Education and/or experience which is equivalent to “1,” “2” or “3” above. The following may substitute for some of the required experience required in “1,” “2” or “3” above, as follows:
   College education (undergraduate credits) may substitute for up to four (4) years of the required experience in “3” above on the following basis:
   A. 30 to 59.9 semester credits substitute for 1 year of experience; or
   B. 60 to 89.9 semester credits substitute for 2 years of experience; or
   C. 90 to 119.9 semester credits substitute for 3 years of experience; or
   D. 120 or more semester credits substitute for 4 years of experience.
   Graduate credits in information technology, computer science or a related field may substitute for up to two (2) years of experience in “1” or “2” above on the following basis:
   A. 15 to 29.9 graduate credits substitute for 1 year of required experience; or
   B. 30 or more graduate credits substitute for 2 years of required experience.
   Each of the following certifications may substitute for one (1) year of the required experience in “1,” “2” or “3” above:
   A. Certified Information Systems Security Professional (CISSP) issued by ISC2; and/or
   B. Certified Ethical Hacker (CEH) issued by EC-Council; and/or
   C. CompTIA Security+ issued by CompTIA; and/or
   D. Certified Information Security Manager (CISM) issued by ISACA; and/or
   E. Certified Information Security Auditor (CISA) issued by ISACA; and/or
   F. GIAC Security Essentials (GSEC) issued by GIAC; and/or
   G. Certified Cloud Security Professional (CCSP) issued by ISC2.

HOWEVER, ALL CANDIDATES MUST HAVE A HIGH SCHOOL DIPLOMA OR ITS EDUCATIONAL EQUIVALENT AND AT LEAST THREE (3) YEARS OF EXPERIENCE AS DESCRIBED IN “1” ABOVE.

Assignment Level II or III :
Level II: After meeting the Qualification Requirements above, an additional two (2) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions is required for Level II.
Level III: After meeting the Qualification Requirements above and the Level II requirements, an additional two (2) years of satisfactory full-time experience providing IT security architectural guidance, designing security solutions, and/or conducting IT risk assessments and recommended mitigating solutions is required for Level III (for a total of 4 years of experience above the Qualification Requirements).
English Language Proficiency : Demonstrated English language proficiency, including ability to speak, read, write, and understand English well enough to meet minimally acceptable performance standards set for job duties.
Motor Vehicle Driver License : A Motor Vehicle Driver license, valid in New York State, may be required for some, but not all positions.
Note: CUNY considers full-time work to be at least 35 hours per week. Part-time experience of at least 20 hours per week may be prorated by half and credited instead of,but not in addition to, full-time experience during the same period (e.g., two months of related work experience at 20-34 hours per week equates to one month of full-time related work experience.) Part-time experience of fewer than 20 hours per week cannot be credited at all.

OTHER QUALIFICATIONS

• One or more of the following certifications: CISA, CISM, CISSP, CEH

This position encompasses professional and responsible technical consultative and/or administrative work. Under administrative direction of a university IT manager, with broad latitude of independent action or decision, serves as subject matter expert on IT security, identity, and access infrastructure; provides IT security architectural guidance; designs security solutions; conducts IT risk assessments and recommended mitigating solutions.
There are three (3) Assignment Levels within this classification. All personnel perform related work. Assignment Levels 2 and 3 may supervise staff. This specification describes typical assignments; related duties may be assigned as needed.
To view the complete job description, go tohttp://www.cuny.edu/about/administration/offices/hr/classified-civil-service/ccsjobs/and view the Job Description for IT Security Specialist.