Position Information
About Buffalo State
Buffalo State is one of the largest comprehensive schools in the State University of New York system. As a civically minded, urban-engaged campus community located in the city’s cultural corridor, Buffalo State prides itself as having smaller learning environments coupled with larger university opportunities. Boasting a diverse and inclusive campus, Buffalo State is committed to the intellectual, personal, and professional growth of its students, faculty, staff, and alumni. The school’s mission is to deliver a broad array of high-quality and distinctive academic programs infused with diversity, creativity, and hands-on learning opportunities for hardworking students who seek a personalized and affordable education that engages their minds and advances their careers. Buffalo State is dedicated to excellence in teaching, research, service, scholarship, creative activity, and cultural enrichment. With degree programs in education, the arts, science, arts and humanities, and professional studies, each year over 6,000 students choose Buffalo State. Buffalo State welcomes applicants who are committed to helping us fulfill our mission.
Faculty/Professional
Professional
Department
Information Technology Exchange Center
Local Title
External Security Services Information Security Officer
Budget Title
Supervising Programmer/Analyst
Rank
SL-5
Line Number
TBD
Salary Range
$77,346 -$143,611 Competitive based on experience.
FTE
Full-Time
Negotiating Unit
UUP
FLSA
Exempt
Department Website
https://www.itec.suny.edu
Brief Job Description
ITEC’s External Security Services Information Security Officer (ESISO) is part of a team responsible for providing strategic cybersecurity leadership and advisory services to higher education institutions. This role involves assessing, and implementing ITEC security program strategies, policies, and frameworks that align with the unique security needs of universities and colleges. The ESISO will act as a trusted security partner, helping institutions manage cyber risks, ensure regulatory compliance, and safeguard critical academic, research, and administrative data.
The ESISO is a professional advocate for security and advisor to campus management, especially in helping management establish Program priorities and security-serving projects.
The ESISO participates directly in conversations with ITEC and campus senior management and, as needed, carries the insights and concerns of the Team to management. The ESISO is the primary lens for campuses to which they are assigned to help manage new and ongoing risks and security-affecting situations and must be a clear and articulate advocate for what the ESISO sees as needed, communicating in terms and methods that resonate with the business so that executive management can make well informed decisions.
The ESISO must have a good grasp of the current range of matters that the profession, regulations, and standards describe as comprising organizational information security programs in complex organizations in the US. ITEC itself functions within the College of Buffalo, which functions with SUNY, which further functions within New York State government.
With Team leadership and security program management as the primary focus, the role also has a strong project management emphasis. The ESISO must be able to coordinate deliverables to campuses with the Service Delivery Manager for Security Services.
Responsibilities include helping define and oversee approved campus security projects, and working on tasks in such project.
The ESISO assists campuses with security-related incidents. They will help investigate and evaluate security-focused software which promises to be useful to campus security posture and support senior management at the campuses in determining system requirements and capabilities, as well as appropriate hardware and software configurations.
Please see https://www.itec.suny.edu/itec-vacancies for more information.
The location for this position is in Buffalo, NY. An office location at a New York State or SUNY Institution may be possible.
Multiple selections may be made from this posting.
The ESISO is a professional advocate for security and advisor to campus management, especially in helping management establish Program priorities and security-serving projects.
The ESISO participates directly in conversations with ITEC and campus senior management and, as needed, carries the insights and concerns of the Team to management. The ESISO is the primary lens for campuses to which they are assigned to help manage new and ongoing risks and security-affecting situations and must be a clear and articulate advocate for what the ESISO sees as needed, communicating in terms and methods that resonate with the business so that executive management can make well informed decisions.
The ESISO must have a good grasp of the current range of matters that the profession, regulations, and standards describe as comprising organizational information security programs in complex organizations in the US. ITEC itself functions within the College of Buffalo, which functions with SUNY, which further functions within New York State government.
With Team leadership and security program management as the primary focus, the role also has a strong project management emphasis. The ESISO must be able to coordinate deliverables to campuses with the Service Delivery Manager for Security Services.
Responsibilities include helping define and oversee approved campus security projects, and working on tasks in such project.
The ESISO assists campuses with security-related incidents. They will help investigate and evaluate security-focused software which promises to be useful to campus security posture and support senior management at the campuses in determining system requirements and capabilities, as well as appropriate hardware and software configurations.
Please see https://www.itec.suny.edu/itec-vacancies for more information.
The location for this position is in Buffalo, NY. An office location at a New York State or SUNY Institution may be possible.
Multiple selections may be made from this posting.
Required Qualifications
- Bachelor’s degree in a security, computing, programming, networking or related field, or equivalent years of professional work experience.
- Demonstrated current and/or previous leadership positions.
- Demonstrated experience supervising a team.
- Good presentation skills, interpersonal skills, written and communication skills.
- This position is designated as a critical or security-sensitive position; therefore, the candidate must successfully complete a criminal history check and be determined to be security position qualified. Candidates are required to self-report convictions.
- Demonstrated familiarity with security standards including NIST 800-53, 800-171, NIST Cybersecurity Framework (CSF) or equivalents.
- Experience monitoring and evaluating vulnerability publications from reputable security organizations
Preferred Qualifications
- Master’s degree in information security or assurance, such as MSIA
- Certifications related to Security Operations/Architecture/Engineering: ISC2: CISM, CISSP or SSCP.(CISSP-ISSAP or ISSEPa plus); relevant SANS GIAC series; or others, like PNPT, OSCP, CEH, CISM, CISA, or CySA+
- Familiarity with Security Tools such as Zeek, Snort, Suricata, Nmap, Metasploit, Wireshark, OpenVAS, Autopsy.
- Demonstrated familiarity with privacy regulations such as FERPA, PCI, HIPAA and GLBA
- Working or managerial experience in a large organization, especially higher education.
- Recent operational or administrative experience with EDR, SIEM, IDS/IPS Systems
- Experience responding to or advising the response to a security breach, such as notification, chain of custody, guiding forensics, or compliance reporting
- Familiarity or experience with network hardware e.g. switches, VLANs, routers, and access control lists; Familiarity or experience with network software protocols e.g. TCP/IP, BGP, NFS, iSCSI, QoS, SDN, HTTPS, TLS, etc.
- Experience in System Administration for Windows servers, vCenter/ESXi, Linux, Hypervisors a plus.
- Experience with Single-Sign on protocols e.g. SAML2, OpenID, CAS and Multifactor authentication.
- Cloud provider experience and/or certifications with any of Azure, AWS, Google Cloud.
- Membership in REN-ISAC, MS-ISAC, or other industry ISAC
- Familiarity with Banner Student Information Systems or a similar product.
- Experience with Zero Trust Networks.
- Experience using enterprise security products (e.g. EDR, IDS/IPS, SIEM systems, firewalls, etc)
Anticipated Date of Hire
10/01/2025
Priority Review Date
Application Deadline Date
09/17/2025
Open Until Filled
No
Special Instructions to Applicant
Contact Person
Tracey Gernatt
Contact Email
tracey.gernatt@itec.suny.edu
Contact Fax
Quick Link for Direct Access to Posting
https://jobs.buffalostate.edu/postings/7977
Equal Employment Opportunity/Affirmative Action Employer
Buffalo State is an affirmative action/equal opportunity institution that subscribes to all federal, state, and SUNY legal requirements and does not discriminate against applicants, students, or employees on the basis of race, sex, ethnicity, national origin, sexual orientation, religion, age, disability, or marital or veteran status (Nondiscrimination Notice). Any violation of this policy should be reported to the Equity and Diversity Office, Cleveland Hall 415, (716) 878-6210. Buffalo State is a VEVRAA Federal Contractor. If you have any questions, please contact Jamie Warnes at warnesje@buffalostate.edu or call (716) 878-4822.
Background Investigation Statement
All applicants are subject to a pre-employment background investigation. Our Pre-Employment Background Screening Policy is available at http://hr.buffalostate.edu/pre-employment-background-screening.
Clery Statement
Applicants interested in positions may access the Annual Security Report (ASR) for SUNY Buffalo State at http://police.buffalostate.edu. The ASR contains information on campus security policies and certain campus crime statistics. Crime statistics are reported in accordance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act. Applicants may request a hard copy of the ASR by contacting the SUNY Buffalo State University Police Department at (716) 878-6333.
New York State Executive Order 161
Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Office of Employee Relations at (518) 474-6988 or via email at info@oer.ny.gov. Further restrictions on using salary information in the hiring process appear in Labor Law §194-a.