Assistant Director of Application and System Security

Founded in 1841, Fordham is the Jesuit University of New York, offering an exceptional education distinguished by the Jesuit tradition to more than 16,000 students in its nine colleges and schools. It has residential campuses in the Bronx and Manhattan, a campus in West Harrison, N.Y., the Louis Calder Center Biological Field Station in Armonk, N.Y., and the London Centre in the United Kingdom.

The University offers a comprehensive benefits package that includes medical, dental, and vision insurance; flexible spending accounts; retirement plans; life insurance; short and long‑term disability; employee assistance program (EAP ); tuition remission; and generous time off.

Successful candidates should have a knowledge of and commitment to the goals of Jesuit Education.

Title of Position

Assistant Director of Application and System Security

Reporting to the Senior Director of DevOps Planning, the Assistant Director of Application and System Security is responsible for the daily management, execution and supervision of security operations for applications and systems, both on‑premises and in the Cloud.

This position is responsible for installing, configuring and turning over for operational support, technologies intended to keep university resources safe and secure. This role ensures that security principles are practically applied during the configuration of systems and throughout the development and deployment of web applications. The Assistant Director works directly with application and engineering teams to implement solutions that address current and potential security threats.

Key responsibilities include coordinating system configuration management, supporting and enforcing the secure Software Development Life Cycle (SDLC) program, and scheduling regular audits, assessments, penetration tests, and vulnerability scans.

Executes application and system security strategies defined by leadership to enhance the adoption of new technologies and assists in analyzing their impact on the university community.

Monitors system configurations to ensure security and compliance, ensuring security protocols are followed during the development and deployment of servers and web applications.

Supervises the daily security operations of systems and applications in both Cloud and On‑Prem environments.

Collaborates directly with application and engineering teams to implement safeguards against existing and emerging security threats.

Coordinates and performs vulnerability scanning of applications to detect issues and assists in leading penetration testing initiatives to identify vulnerabilities.

Supports the maintenance and execution of a secure Software Development Life Cycle (SDLC) program.

Conducts periodic audits and assessments for system and application security under the guidance of their management’s directives.

Collaborates with development teams to integrate security controls into enterprise applications, student systems, learning management systems, and research platforms.

This list is not intended to be an exhaustive list. The University may assign additional related duties as necessary.

Guides work of other employees who perform essentially the same work and/or student workers. Organizes, sets priorities, schedules and reviews work, but is generally not responsible for final decisions in hiring, performance management or compensation.

Delivers training plans and materials to staff to ensure success of initiatives and to manage security risks and issues.

Maintains working relationships with university departments, external partners and vendors.

Implements practical solutions to resolve security challenges.

Adapts daily workflows in response to the evolving cybersecurity landscape.

Supports the negotiation process with vendors and partners to achieve security outcomes.

Maintains awareness of the latest cybersecurity trends, threats, and technologies.

Upholds high ethical standards and integrity in all cybersecurity practices.

Bachelor’s degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience.

• Working knowledge of authoritative standards, guidelines, and best practices in information security.
• Experience participating in or coordinating Attack and Penetration assessments and reviews.
• Familiarity with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework.
• Experience working within a highly automated SSDLC program.
• Ability to apply Threat Modeling practices within the product lifecycle.
• Experience in implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment.
• Strong verbal and written communication skills with the ability to collaborate effectively across teams.
• Strong analytical and problem‑solving abilities.
• Good organizational and time management skills.
• Ability to balance security with academic and operational needs.

• 1-2 years of experience in an information security position.
• Experience in security or technology administration within a Higher Education setting.
• Previous hands‑on experience in roles such as network, server, database, or application administration.
• Familiarity with Project Management tools, such as Microsoft Project.
• Possession of or ability to obtain relevant information security certifications (e.g., SSCP, GSEC, CISSP, or CISM).

Minimum Starting Salary $104,000

Maximum Starting Salary $130,000

Salary is commensurate with qualifications, experience, and skills.

No

A1012P

1

ASAP

01/25/2026

Fordham University is committed to excellence and welcomes candidates of all backgrounds.
Fordham University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.

• Sitting Nearly Continuously
• Repetitive Hand Motion (such as typing) – Often
• Hearing, Listening, Talking – Often
• Standing – Seldom
• Walking – Seldom
• Running – Not Required
• Bending, Stooping, Kneeling, squatting, Crouching, Crawling – Not Required
• Climbing stairs – Seldom
• Climbing ladders – Not Required
• Reaching overhead – Not Required
• Pulling, pushing – Not Required
• Shoveling – Not Required
• Lifting – up to 20 pounds – Not Required
• Lifting – up to 50 pounds – Not Required
• Lifting – over 50 pounds – Not Required
• Work Environment: Office Environment – Employees are protected from weather conditions or contaminants, but not necessarily occasional temperature changes.

Required Documents

• Resume
• Cover Letter

Optional Documents

Required fields are indicated with an asterisk (*).

• * Do you have a Bachelor's Degree in computer science or a related field, or equivalent combination of education and 4 years of directly related work experience?
  • Yes
  • No
• * Do you have experience participating in or coordinating Attack and Penetration assessments and reviews?
  • Yes
  • No
• * Are you familiar with cloud computing, virtualization, Cybersecurity framework (CSF), CIS Benchmarks, and the ITIL framework?
  • Yes
  • No
• * Do you have experience working within a highly automated SSDLC program?
  • Yes
  • No
• * Do you have the ability to apply Threat Modeling practices within the product lifecycle?
  • Yes
  • No
• Do you have experience implementing and operating application vulnerability scanning products and Security Information and Event Management (SIEM) tools in both a Windows and Linux environment?
  • Yes
  • No