Working knowledge of computer network defense and vulnerability assessment tools and their capabilities.
• Working knowledge of network protocols (e.g., TCP/IP (Transmission Control Protocol/Internet Protocol), DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System).
• Working knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of new and emerging information technology (IT) and information security
technologies.
• Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.
• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
• Ability to accurately and completely source all data used in intelligence, assessment, and/or planning products.
• Skill in using incident handling methodologies.
• Skill in collecting data from a variety of cyber defense resources.
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Skill in assessing security controls based on cybersecurity principles and tenets.
• Skill in implementing security controls and tools.
• Strong interpersonal and communication skills.
• Ability to achieve goals through influence, collaboration, and cooperation.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to produce technical documentation.

• Ability to handle and maintain confidential information.
• Ability to exercise judgment when policies are not well-defined.
• Ability to think critically, analyze issues and solve sensitive and complex problems under pressure.
• Ability to work effectively with an array of constituencies in a community that is both demographically and technologically diverse

Perform assessments of systems and networks within the College environment and identify where those systems/networks deviate from approved configurations, or College policy.
o Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
o Conduct vulnerability scanning activities across the enterprise.
o Analyze scan results to identify security weaknesses, misconfigurations, and areas of elevated risk.
o Correlate vulnerability data with current threat intelligence to assess exploitability and potential impact.
o Produce detailed reports on identified vulnerabilities, severity levels, business impact, and remediation status.
o Coordinate and support remediation efforts across business owners and support teams.
o Supports security awareness and education efforts for the College community, i.e. Employees, Students, Contractors, Volunteers, etc.
• Analyze data from cyber defense tools (e.g. Vulnerability Management tools, EDR, SEG, IDS alerts, firewalls, network traffic logs) for the purposes of mitigating threats.
o Review SIEM and/or audit logs to identify anomalous activity and potential threats to network resources.
o Perform continuous monitoring and analysis of system and user activity to identify malicious activity.
o Maintain detailed tracking of vulnerabilities, including deadlines, remediation progress, ownership, and closure.
o Manage, and update Plans of Action and Milestones (POA&Ms).
o Correlate events across a wide variety of source data (indications and warnings).
o Notify management of incidents that may require additional attention.
o Stay current with existing and evolving technologies to provide enhanced security service offerings to stakeholder groups.
o Act as a security consultant to help identify business needs and design appropriate security controls.
o Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Manage security incidents. Act as a trusted point of contact and provide expertise for incidents and executes incident response activities including escalation to upper management.
o Serve on the Cybersecurity Incident Response Team.
o Respond to alerts received from monitoring systems.
o Perform event correlation to gain situational awareness and determine the impact of an observed attack.
o Provide timely analysis of events to distinguish malicious incidents and events from benign activities.
o Analyze malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information.
o Provide recommendations for improvements as needed.

• Bachelor's degree from an accredited college or university with course work in cybersecurity and information technology or a related field, and/or any combination of education, training, and experience that provides the required knowledge, and expertise to perform the essential functions of the position.
• Three years of working experience in various aspects of information technology as an analyst/engineer or similar professional level, including systems administration, networking and/or application development.
• Three years of working experience in cybersecurity as an analyst or security engineer.
• Experience in incident handling/response and disaster recovery planning.
• Experience in OS, network, and application hardening using baselines such as CIS or STIG.

Tasks:

Responsibilities

• Develop and execute business development strategies to drive sales and market share in the banking sector within Pakistan, Middle East, and African markets.
• Identify and target key banking customers for IAM solutions, nurturing relationships to promote SPS products and services.
• Collaborate with internal teams to tailor IAM solutions to meet the specific needs and challenges of banking customers.
• Strategically position IBM Security Verify products within the banking industry to create a competitive advantage.
• Stay up-to-date with industry trends, competitor activities, and market dynamics to capitalize on opportunities and mitigate risks.

Tasks:

• Conduct market research to understand the needs and preferences of potential clients.
• Attend industry events and networking functions to expand professional connections.
• Prepare proposals and pricing strategies for potential clients.
• Negotiate contracts and agreements with clients.
• Provide ongoing support and communication to clients post-sale.
• Conduct market research to identify potential banking customers, their IAM needs, and buying behaviors.
• Plan and execute marketing campaigns, product demonstrations, and client presentations to showcase the value of SPS IAM solutions.
• Negotiate contracts, pricing, and terms with banking customers to secure deals and achieve sales targets.
• Provide training, support, and guidance to banking clients on the implementation and utilization of IAM products and services.
• Collaborate with the sales team to ensure a seamless customer journey, from prospecting to post-sales support.

Success Metrics

• Percentage of revenue growth in the banking sector within Pakistan, Middle East, and African markets.
• Number of new banking customers acquired and retained through IAM solutions.
• Customer satisfaction scores and feedback on the value, performance, and support of SPS IAM products and services.
• Market share increase and competitive positioning of IBM Security Verify products in the banking industry.
• Achievement of sales targets, contract signings, and business development goals within the specified regions.

Broad knowledge of computer security issues, requirements, solutions, and trends, especially in the higher education environment.

• Knowledge of applicable business processes and operations of customer organizations.

• Knowledge of new and emerging information technology (IT) and information security technologies.

• Knowledge of risk management processes, including steps and methods for assessing risk.

• Knowledge of system lifecycle management principles, including software security and usability.

• Knowledge of critical information technology (IT) procurement requirements.

• Strong interpersonal and communication skills, plus the ability to achieve goals through influence, collaboration, and cooperation.

• Demonstrated ability to work effectively with an array of constituencies in a community that is both demographically and technologically diverse.

• Ability to think critically and analyze information and situations, present findings and make recommendations; ability to turn data into information and present it in a meaningful manner.

• Ability to analyze issues and solve sensitive and complex problems under pressure. Skilled in interpersonal communication and conflict resolution.

• Excellent written and verbal skills. • Excellent presentation skills and experience in public speaking or training.

Bachelor's degree from an accredited college or university with course work in computer science, information systems, cybersecurity, or a related field, and/or any combination of education, training, and experience that provides the required knowledge, and expertise to perform the essential functions of the position.

• Four years of progressively responsible experience in the management of identity and access management, or similar experience managing complex applications, projects or systems. • Proven experience in designing and implementing IAM solutions in a complex organization.

• Experience dealing with complex risk-related issues with managing vendor relationships, information security or regulatory compliance programs, and audits.

Competencies:

• Decision Making

o Decisions may affect a work unit or area within a department. May contribute to business and operational decisions that affect the department.

• Problem Solving

o Problems are varied, requiring analysis or interpretation of the situation. Problems are solved using knowledge and skills, and general precedents and practices. • Independence of Action

o Results are defined and existing practices are used as guidelines to determine specific work methods and carries out work activities independently; supervisor/manager is available to resolve problems.

• Communication and Collaboration

o Contacts and information are primarily within the job’s working group, department and/or campus.

o Contacts and information sharing are external to the job’s department, but internal to the campus/campuses (i.e. other departments/campuses, central administration/services such as Human Resources, Payroll, Finance, Facilities, Mail Services, Student Services, etc.)

o Contacts and information sharing are internal/external to the College, for the primary reason of scheduling, coordinating services, collaborating, etc. Required Industry

Certifications

• At least one relevant certification, e.g. Certified Identity and Access Manager (CIAM), Certified Identity Management Professional (CIMP), Certified Identity Governance Expert (CIGE), Certified Information Systems Security Professional (CISSP)