1. Excellent command of the English language—both written and verbal.
2. Strong organizational skills with high attention to detail.
3. Ability to work flexible hours, including night-time remote shifts.
4. Demonstrated cultural sensitivity and ability to collaborate with global teams.
5. Proficiency with HR systems or business management platforms (training on our system will be provided).
6. High level of professionalism, discretion, and integrity.
7. Experience in technical recruitment is a must.
8. Knowledge of labor laws and employment regulations.
9. Attention to detail and work well under pressure to meet tight deadlines.
10. Must have working understanding of MS Office applications like Outlook, Word, Powerpoint, Excel. 
11. Ability to accurately follow instructions.
12. Strength of character, ethics, and commitment, and reliability.
13. Ability ot operate with a service oriented mindset where HR services its internal customers.
14. Excellent problem solving ability.

Responsibilities

1. HR Operations & Employee Administration

   1. Maintain and update accurate employee records in the HR system, ensuring all changes (joins, exits, role updates, compensation changes) are reflected correctly and on time.

   2. Support employee lifecycle processes including onboarding, confirmations, contract updates, role changes, and offboarding.

   3. Prepare and organize HR documentation such as offer letters, employment contracts, confirmation letters, warning notices, and exit paperwork under guidance.

   4. Assist in preparing HR inputs for payroll by validating attendance, leave records, and employment status changes, and coordinate with Accounting to resolve discrepancies.

   5. Follow defined HR policies and procedures, and flag gaps, inconsistencies, or risks to the HR Manager for guidance.

2. Learning, Growth & Ownership

   1. Learn core HR processes hands-on by working closely with senior HR leadership.

   2. Take increasing ownership of assigned HR tasks and processes as competence and confidence grow.

   3. Stay updated on basic HR practices, employment regulations, and workplace standards.

   4. Demonstrate reliability, attention to detail, and follow-through in all assigned responsibilities.

   5. Prepare onboarding materials and conduct orientation sessions

   6. Coordinate training sessions and track employee participation

3. Cross-Functional & Global Coordination

   1. Work closely with the SPS Pakistan HR Manager and other SPS stakeholders as directed.

   2. Coordinate HR activities with global teams, including US-based stakeholders, with professionalism and cultural awareness.

   3. Participate in meetings aligned with US time zones when required and ensure follow-ups are tracked and closed.

4. Systems, Data & Process Discipline

   1. Maintain the HR module of the Business Management System by ensuring timely data entry and accuracy.

   2. Regularly review HR data to identify missing, outdated, or inconsistent information.

   3. Support process improvements by identifying recurring issues and suggesting practical fixes.

   4. Maintain confidentiality and data security at all times.

5. Benefits, Engagement & Training Support

   1. Assist with administration of employee benefits, including enrollments, updates, and employee queries.

   2. Coordinate logistics for employee engagement activities, training sessions, and internal HR programs.

   3. Track training participation and attendance and maintain updated records for reporting purposes.

6. Employee Support & Workplace Relations

   1.  Act as a first-level point of contact for routine employee HR queries related to policies, benefits, leave, and processes.

   2. Respond to employee inquiries in a timely, professional manner and escalate sensitive or complex issues appropriately.

   3. Assist in disciplinary processes by preparing documentation, tracking actions, and coordinating meetings under supervision.

   4. Support exit and clearance processes, including scheduling exit interviews and ensuring documentation is completed.

   5. Contribute to maintaining a respectful, inclusive, and professional work environment.

   6. Ensure completed performance reviews are documented and filed correctly in the HR system.

   7. Support follow-up actions from reviews, such as development plans, training needs, or goal tracking.

   8. Help track personal development and leadership plans for employees under guidance. 

   9. Track and follow up on performance review timelines to ensure reviews are completed as scheduled.

   10. Assist managers and employees in navigating performance review tools, formats, and timelines.

   11. Help prepare performance review documentation and follow-up

   12. Respond to employee inquiries regarding HR policies and procedures

7. Recruitment & Hiring Support

   1. Support the end-to-end recruitment process by posting jobs, screening resumes, scheduling and coordinating interviews, and maintaining hiring trackers.

   2. Screen resumes and shortlist candidates based on role requirements and guidance from hiring managers.

   3. Coordinate interview schedules, candidate communications, and interview feedback collection across teams and time zones.

   4. Assist with reference checks, background verification coordination, and offer documentation as required.

   5. Prepare onboarding materials and support orientation sessions to ensure a smooth joining experience for new hires.

Success Metrics

1. ≥ 98% accuracy in employee records within the BMS (random audit by HR Manager) – Monthly.
2. 100% of joiners, exits, and role/contract changes updated in the HR system within 2 working days – Weekly. 
3. 100% of assigned vacancies actively tracked with updated status at all times – Weekly.
4. Interview coordination turnaround ≤ 3 working days from hiring manager request – Weekly. 
5. ≥ 98% new-hire onboarding readiness (documents, system access requests, orientation scheduled) completed before Day 1 – Monthly
6. ≥ 95% of employee HR queries acknowledged within 1 business day – Weekly
7. ≥ 90% of routine HR queries resolved within 3 business days – Weekly
8. Zero unresolved escalations older than 7 working days without documented follow-up – Weekly
9. Identification and documentation of at least 2 process or system improvement opportunities per monthly (even small ones) – Monthly
10. For regular roles the time to fill should be less than 15 days – Monthly 
11. For speciality roles, the time to fill should be less than 45 days – Monthly

1. Bachelor’s degree in Human Resources, Business Administration, or a related field.
2. 2 years of minimum HR experience, preferably within a multinational or multicultural environment.

• Proficiency in HTML, CSS, and JavaScript
• Strong understanding of responsive design principles
• Experience with frontend frameworks - React, Angular, or Vue.js
• Knowledge of RESTful APIs and asynchronous request handling
• Experience with building tools and automation frameworks
• Good understanding of browser rendering behavior and performance
• Problem-solving and debugging skills
• Ability to collaborate with designers and backend developers

Must-Have Skills

• Strong expertise in HTML5, CSS3, Flexbox, Grid, and responsive design methodologies.
• Solid experience with Angular (preferably Angular 12+).
• Understanding of RESTful integrations and frontend state management.
• Strong problem-solving mindset with a commitment to clean, maintainable code.
• Strong understanding of Git workflows including branching strategies and clean version control practices.
• Hands-on experience with frontend UI libraries, particularly Material and PrimeNG.
• Knowledge of best practices for code organization, change detection optimization and reusable components.
• Competent in debugging front-end code using browser developer tools.

Nice to Have

• Experience with Figma-based handoff workflows.
• Exposure to Agile delivery environments.

• Education: Bachelor’s degree in Computer Science, Software Engineering, or a related field

• Experience: 2-5 years of experience in frontend development

   

• Ability to analyze financial data and generate accurate reports.
• Strong problem-solving skills with attention to detail.
• Familiarity with financial reporting and general ledger functions
• Ability to adapt to changing financial regulations and company policies.

• General Ledger Maintenance:
  • Maintain and reconcile general ledger accounts.
  • Post journal entries and ensure accurate financial reporting.
• Accounts Payable & Receivable:
  • Process invoices, and payments, and manage vendor relationships.
  • Monitor accounts receivable, generate invoices, and track payments.
• Financial Reporting:
  • Assist in preparing monthly, quarterly, and annual financial reports.
• Payroll Processing:
  • Assist in payroll processing and ensure compliance with tax regulations.
  • Handle employee expense reports and reimbursements.
• Audit Support:
  • Assist in internal and external audits by providing necessary documentation and explanations.
  • Ensure compliance with company policies and accounting standards.
• Budgeting and Forecasting:
  • Support budgeting and forecasting activities by analyzing financial data.
  • Provide variance analysis and report discrepancies.
• Tax Filing:
  • Assist in preparing tax returns and ensure timely filing.
  • Maintain knowledge of tax laws and regulations.
• Data Management:
  • Maintain financial data and ensure accuracy in financial records.
  • Use accounting software and tools to manage financial information.
• Compliance & Regulations:
  • Ensure adherence to financial policies, procedures, and regulatory standards.
  • Stay updated on industry standards and best practices.
• Team Collaboration:
  • Collaborate with other departments to ensure smooth financial operations.
  • Provide support to senior accountants and management as needed.

Tasks:

• Coordinating with managers for month end billing - Communicate with department managers to gather all necessary billing information, including completed work, purchase orders, service confirmations, and supporting documents. Ensure all required data is submitted on time to meet strict month-end deadlines. Verify accuracy and completeness of billing details before processing invoices. Resolve discrepancies by clarifying issues with managers and cross-checking with internal records. Prioritize and organize billing tasks to maintain an efficient month-end closing cycle. Collaborate closely with management to ensure revenue is recognized accurately and invoices are released without delay.
• Preparation of invoices and getting approval as required.
• Coordinating with the customer for the invoices and making sure the payment is received.
• Maintaining accurate book of accounts in SAGE 50 Accounting system - Record and update all financial transactions daily in the SAGE 50 Accounting system, ensuring accuracy and completeness of data. Maintain up-to-date ledgers, including general ledger, accounts payable, accounts receivable, and bank accounts. Perform regular reviews of entries to ensure proper coding to the correct GL accounts, cost centers, and departments. Reconcile sub-ledgers with the general ledger to ensure consistency and identify discrepancies early. Generate financial reports such as trial balance, P&L, and balance sheet as needed for management review. Ensure compliance with accounting standards, internal policies, and month-end closing procedures within SAGE 50. Troubleshoot posting errors and correct misclassifications to maintain clean and reliable financial records.
• Aging Reports (Receivables and Payables) - Generate and review Accounts Receivable and Accounts Payable aging reports on a regular basis to monitor outstanding balances. Analyze aging data to identify overdue invoices, upcoming due dates, and potential cash flow concerns. Follow up with customers regarding overdue receivables, ensuring timely collections and maintaining healthy cash flow. Coordinate with vendors to clarify outstanding payables and resolve discrepancies in billing or payments. Provide aging summaries to management for decision-making and month-end closing activities. Investigate and reconcile aged items by verifying supporting documents and updating records in the accounting system. Ensure accuracy of aging schedules by continuously reviewing applied payments, credit notes, and adjustments.
• Review expenses and look for any discrepancies - Examine all expense entries regularly to ensure they are accurate, properly documented, and coded to the correct GL accounts. Verify supporting documents such as receipts, invoices, and approvals to confirm legitimacy of expenses. Compare expenses against budgets, purchase orders, and previous periods to identify unusual or inconsistent transactions. Investigate discrepancies by coordinating with relevant departments to clarify errors or missing information. Correct misposted or duplicate entries and ensure timely updates in the accounting system. Prepare summaries of findings and escalate significant variances or policy breaches to management. Maintain strong internal controls by ensuring all expenses comply with company policies and accounting standards.
• Reviewing PORFPs and quotes to ensure accuracy, completeness, and alignment with project or departmental requirements. Verify that pricing, terms, quantities, and specifications in the quotes match the details requested in the PORFP. Compare multiple vendor quotes to support cost analysis and assist management in selecting the most competitive and compliant option. Ensure all PORFPs follow internal procurement policies, budget limits, and approval workflows. Identify discrepancies or missing information and coordinate with requesters or vendors to obtain clarifications or corrections. Maintain organized documentation of PORFPs, quotes, and approvals for audit and reference purposes. Provide recommendations or summaries to management to support informed purchasing decisions.
• Assist with forecasting and budgeting - Support the preparation of annual budgets and periodic financial forecasts by gathering historical data, analyzing trends, and validating assumptions. Collaborate with department managers to collect input on expected revenues, expenses, and upcoming operational needs. Prepare preliminary budget drafts, variance analyses, and updated forecast reports for management review. Compare actual performance against budgeted figures and identify areas requiring adjustment or explanation. Assist in building financial models or spreadsheets to project cash flow, expenses, and revenue patterns. Monitor spending throughout the year to ensure alignment with approved budgets and highlight potential overruns early. Maintain organized and accurate documentation to support the budgeting and forecasting process during audits or internal reviews.
• Assist with ensuring the accuracy of financial information on BMS (Business Management System) - Regularly review and validate all financial data entered into the Business Management System (BMS) to ensure accuracy, consistency, and completeness. Cross-check BMS entries with source documents such as invoices, purchase orders, contracts, and receipts to verify correctness. Identify data-entry errors, mismatches, or missing information and make necessary corrections promptly. Collaborate with relevant departments to clarify unclear entries and ensure proper coding to the correct accounts and cost centers. Monitor system updates, status changes, and workflow approvals to ensure financial information flows correctly through the BMS. Assist in maintaining strong internal controls by ensuring all financial data complies with accounting standards and company policies. Generate reports from the BMS to support management decision-making and help identify areas for process improvement.
• Timelive tasks, sending reminders, preparing different reports for billing and US payroll - Monitor and manage TimeLive entries to ensure employees submit accurate and timely timesheets for billing and payroll purposes. Send regular reminders to staff and managers to complete pending timesheets, approvals, or corrections before deadlines. Verify timesheet data for accuracy, ensuring hours are properly coded to the correct projects, clients, or cost centers. Prepare detailed billing reports based on approved TimeLive data, including billable hours, project allocations, and supporting documentation for client invoicing. Generate and compile US payroll reports, ensuring employee hours, overtime, PTO, and adjustments are accurately reflected. Maintain organized records of timesheets and reports to support audits, month-end closing, and management reviews.
• Reviewing Paychex and other billing to make sure these are as per the contract and highlighting the discrepancies
• Reviewing SOWs - Carefully review Statements of Work (SOWs) to ensure all project requirements, deliverables, timelines, and pricing are clearly defined and aligned with company standards. Verify that the scope, milestones, and responsibilities outlined in the SOW match internal project plans and client expectations. Check for accuracy in financial terms, including billing rates, payment schedules, and budget allocations. Identify inconsistencies, missing details, or ambiguous clauses and coordinate with project managers, sales teams, or clients to obtain clarification. Ensure that all SOWs comply with company policies, contractual guidelines, and approval workflows before execution. Maintain proper documentation of approved SOWs and update internal systems to reflect project setup or changes.
• Uploading POs to BMS and updating BMS with numbers - Upload and enter all Purchase Orders (POs) into the Business Management System (BMS) accurately and in a timely manner. Verify that PO details, including vendor information, items, quantities, rates, and payment terms, match supporting documents before uploading. Update BMS records with relevant numerical data such as invoice amounts, payments, and adjustments to maintain accurate financial tracking. Cross-check entered data against source documents and resolve discrepancies with vendors, procurement teams, or department managers. Maintain organized records of all uploaded POs and updates to facilitate auditing and reporting. Ensure BMS data integrity by following company policies, accounting standards, and internal controls. Generate preliminary reports from BMS to support billing, month-end closing, and management reviews.
• Updating bills and other docs on server
• Reviewing M&T statements and receipts
• Reviewing AMEX Statements and receipts
• Preparing POs and coordinating with managers and vendors for the POs processing - Prepare accurate Purchase Orders (POs) based on approved requests, ensuring all details such as vendor information, items, quantities, pricing, and payment terms are correct. Coordinate with department managers to verify purchase requirements, obtain necessary approvals, and clarify any discrepancies before issuing POs. Communicate with vendors to confirm order details, delivery schedules, and payment terms, ensuring timely and accurate processing. Track the status of POs throughout the procurement cycle and update records in the BMS .
• Preparation of payment reports
• Review source documents before recording transactions
• Classify transactions appropriately under the correct accounts
• Verify accuracy of transaction entries before posting to the ledger
• Maintain supporting documentation for all ledger entries
• Schedule payments according to vendor terms to optimize cash flow
• Select the appropriate payment method based on vendor preferences - Review vendor agreements and preferences to determine the most suitable payment method, such as bank transfer, cheque, ACH, or online payment platforms. Ensure that the selected payment method aligns with company policies, internal controls, and accounting standards. Coordinate with the finance or treasury team to schedule and execute payments using the chosen method. Confirm that payments are processed accurately, on time, and with proper documentation for audit purposes. Communicate with vendors to verify receipt of payment and address any payment-related queries or issues. Maintain records of payment methods used and related transactions for reporting and reconciliation purposes. Continuously review and update payment procedures to improve efficiency and accommodate vendor requirements.
• Notify vendors of completed payments and provide remittance details
• Reconcile payment records with bank statements
• Maintain a log of all issued payments for reference and auditing
• Monitor payment processing to avoid duplicate or missed payments
• Coordination with vendors - Serve as the primary point of contact for vendors regarding invoices, purchase orders, deliveries, and payment schedules. Communicate clearly to resolve discrepancies, clarify billing details, and ensure timely processing of payments. Follow up on pending invoices, delivery confirmations, or required documentation to maintain smooth business operations. Collaborate with internal departments to address vendor queries or issues related to procurement, contracts, or financial transactions. Maintain accurate records of all vendor communications and updates in the accounting or business management system. Support vendor relationship management by ensuring professionalism, responsiveness, and adherence to company policies. Assist in negotiating timelines, clarifying terms, and coordinating approvals to ensure compliance with internal controls and agreements.
• Compare customer payments with issued invoices - Review and reconcile customer payments against issued invoices to ensure amounts, dates, and references match accurately. Identify discrepancies such as short payments, overpayments, or missing payments, and coordinate with customers or internal teams for resolution. Apply payments correctly in the accounting system, ensuring proper allocation to the respective invoices and customer accounts. Maintain accurate records of reconciled payments to support Accounts Receivable reporting and month-end closing activities.
• Investigate discrepancies in customer accounts
• Record all communications and agreements with customers - Maintain detailed records of all customer interactions, including emails, calls, meetings, and formal agreements, in the accounting or CRM system. Document agreements related to payments, credit terms, billing disputes, or contract amendments to ensure clarity and accountability. Ensure all communications are logged accurately with dates, participants, and key discussion points for future reference. Use recorded information to support Accounts Receivable follow-ups, dispute resolution, and audit requirements. Coordinate with sales, finance, and customer service teams to update records whenever changes occur. Generate summaries or reports from customer communication logs to assist management in decision-making and relationship management. Maintain confidentiality and professionalism while recording sensitive financial and contractual information.

1. Bi-weekly US payroll reports.
2. Enter bills on daily basis.
3. Always critically scrutinize and audit expense reports, bills, invoices, and other supporting to make sure everything is accurate and comply with the policies set by SPS.
4. Weekly payments report.
5. Weekly Aged receivables report.
6. Saving and keeping all the data on the server on weekly basis and at least monthly basis.
7. Create job codes as soon as you receive the request.
8. Closing of books timely before in the first week of the month if there is weekend in the start of the month, else till 4th of every month.
9. Always respond timely to each and every query and try to solve it as quickly as possible.
10. Always get my work reviewed through my direct manager in order to make sure there is sufficient internal control, transparency and high degree of accuracy.

To sum up, Accuracy, Timeliness, Completness, Detail Scrutiny, Double check oneself and also get work check from manager make a task successful.

Education:

• Bachelor\'s Degree in Accounting, Finance, or a related field 
• Certified Public Accountant (CPA) or Certified Management Accountant (CMA) 

Experience:

• 2+ years of experience in accounting, a similar role such as an accounting assistant.

Certification:

Certified Public Accountant (CPA) 

 Certified Management Accountant (CMA) 

Broad knowledge of computer security issues, requirements, solutions, and trends, especially in the higher education environment.\
• Knowledge of applicable business processes and operations of customer organizations.
• Knowledge of new and emerging information technology (IT) and information security technologies.
• Knowledge of risk management processes, including steps and methods for assessing risk.
• Knowledge of system lifecycle management principles, including software security and usability.
• Knowledge of critical information technology (IT) procurement requirements.
• Strong interpersonal and communication skills, plus the ability to achieve goals through influence, collaboration, and cooperation.
• Demonstrated ability to work effectively with an array of constituencies in a community that is both demographically and technologically diverse.
• Ability to think critically and analyze information and situations, present findings and make recommendations; ability to turn data into information and present it in a meaningful manner.
• Ability to analyze issues and solve sensitive and complex problems under pressure. Skilled in interpersonal communication and conflict resolution.
• Excellent written and verbal skills.
• Excellent presentation skills and experience in public speaking or training.

Competencies:
• Decision Making
o Decisions may affect a work unit or area within a department. May contribute to business and operational decisions that affect the department.
• Problem Solving
o Problems are varied, requiring analysis or interpretation of the situation. Problems are solved using knowledge and skills, and general precedents and practices.
• Independence of Action
o Results are defined and existing practices are used as guidelines to determine specific work methods and carries out work activities independently; supervisor/manager is available to resolve problems.
• Communication and Collaboration
o Contacts and information are primarily within the job’s working group, department and/or campus.
o Contacts and information sharing are external to the job’s department, but internal to the campus/campuses (i.e. other departments/campuses, central administration/services such as Human Resources, Payroll, Finance, Facilities, Mail Services, Student Services, etc.)
o Contacts and information sharing are internal/external to the College, for the primary reason of scheduling, coordinating services, collaborating, etc.
Required Industry Certifications
• At least one relevant certification, e.g. Certified Identity and Access Manager (CIAM), Certified Identity Management Professional (CIMP), Certified Identity Governance Expert (CIGE), Certified Information Systems Security Professional (CISSP

Essential Functions:
Identity and Access Management
• Design, implement, and manage identity services solutions, including authentication, authorization, and identity lifecycle management to provide a strong IAM program.
• Ensure the integrity and security of the College's identity data.
• Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement.
• Develop and maintain Role-Based Access control (RBAC), Attribute-Based Access control (ABAC), and least-privilege models to reduce access risk.
• Integrate systems with Single Sign-on (SSO) and Multi-Factor Authentication (MFA) using SSO and MFA technologies.
• Implement and manage Privileged Account Management (PAM) controls including credential vaulting and session monitoring.
• Monitor, investigate, and respond to IAM-related incidents, abnormal login behavior, and security alerts.
• Maintain detailed documentation of IAM architecture, configurations, integrations, and process flows.
• Ensure IAM alignment with regulatory, audit, and compliance requirements across the organization.
• Identify the broader impact of current decisions related to user access, data access and information security
Strategic Leadership
• Envisions organizational outcomes and facilitates alignment with them.
• Aligns IAM processes across the organization, and develops and documents standards for organizational use.
• Understands business and information technology management processes and demonstrates advanced understanding of business processes, internal control risk management, IT controls and related standards.
• Lead the planning, development, and execution of IAM projects, ensuring they are completed on time and within budget and aligned with IAM best practices.
• Collaborate with security architecture, application owners, and infrastructure teams to design scalable and secure IAM solutions.
• Define and track IAM metrics, KPIs, and maturity indicators to support continuous improvement.
• Advise senior management on IAM-related risks and security posture.
Awareness, Training and Other Communications
• Fosters an understanding of the need for and application of the IAM system, and facilitates decision making with the end users.
• Builds and nurtures positive working relationships with College units and departments.
• Identifies opportunities to improve engagement with the College units and departments.

Perform other duties as assigned

Bachelor's degree from an accredited college or university with course work in computer science, information systems, cybersecurity, or a related field, and/or any combination of
education, training, and experience that provides the required knowledge, and expertise to perform the essential functions of the position. • Four years of progressively responsible experience in the management of identity and access management, or similar experience managing complex applications, projects or systems.
• Proven experience in designing and implementing IAM solutions in a complex organization.
• Experience dealing with complex risk-related issues with managing vendor relationships, information security or regulatory compliance programs, and audits.

Working knowledge of computer network defense and vulnerability assessment tools and their capabilities.
• Working knowledge of network protocols (e.g., TCP/IP (Transmission Control Protocol/Internet Protocol), DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System).
• Working knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of new and emerging information technology (IT) and information security
technologies.
• Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.
• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
• Ability to accurately and completely source all data used in intelligence, assessment, and/or planning products.
• Skill in using incident handling methodologies.
• Skill in collecting data from a variety of cyber defense resources.
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Skill in assessing security controls based on cybersecurity principles and tenets.
• Skill in implementing security controls and tools.
• Strong interpersonal and communication skills.
• Ability to achieve goals through influence, collaboration, and cooperation.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to produce technical documentation.

• Ability to handle and maintain confidential information.
• Ability to exercise judgment when policies are not well-defined.
• Ability to think critically, analyze issues and solve sensitive and complex problems under pressure.
• Ability to work effectively with an array of constituencies in a community that is both demographically and technologically diverse

Perform assessments of systems and networks within the College environment and identify where those systems/networks deviate from approved configurations, or College policy.
o Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
o Conduct vulnerability scanning activities across the enterprise.
o Analyze scan results to identify security weaknesses, misconfigurations, and areas of elevated risk.
o Correlate vulnerability data with current threat intelligence to assess exploitability and potential impact.
o Produce detailed reports on identified vulnerabilities, severity levels, business impact, and remediation status.
o Coordinate and support remediation efforts across business owners and support teams.
o Supports security awareness and education efforts for the College community, i.e. Employees, Students, Contractors, Volunteers, etc.
• Analyze data from cyber defense tools (e.g. Vulnerability Management tools, EDR, SEG, IDS alerts, firewalls, network traffic logs) for the purposes of mitigating threats.
o Review SIEM and/or audit logs to identify anomalous activity and potential threats to network resources.
o Perform continuous monitoring and analysis of system and user activity to identify malicious activity.
o Maintain detailed tracking of vulnerabilities, including deadlines, remediation progress, ownership, and closure.
o Manage, and update Plans of Action and Milestones (POA&Ms).
o Correlate events across a wide variety of source data (indications and warnings).
o Notify management of incidents that may require additional attention.
o Stay current with existing and evolving technologies to provide enhanced security service offerings to stakeholder groups.
o Act as a security consultant to help identify business needs and design appropriate security controls.
o Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Manage security incidents. Act as a trusted point of contact and provide expertise for incidents and executes incident response activities including escalation to upper management.
o Serve on the Cybersecurity Incident Response Team.
o Respond to alerts received from monitoring systems.
o Perform event correlation to gain situational awareness and determine the impact of an observed attack.
o Provide timely analysis of events to distinguish malicious incidents and events from benign activities.
o Analyze malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information.
o Provide recommendations for improvements as needed.

• Bachelor's degree from an accredited college or university with course work in cybersecurity and information technology or a related field, and/or any combination of education, training, and experience that provides the required knowledge, and expertise to perform the essential functions of the position.
• Three years of working experience in various aspects of information technology as an analyst/engineer or similar professional level, including systems administration, networking and/or application development.
• Three years of working experience in cybersecurity as an analyst or security engineer.
• Experience in incident handling/response and disaster recovery planning.
• Experience in OS, network, and application hardening using baselines such as CIS or STIG.

• Knowledge of cyber security and privacy industry, including the technology used to protect the confidentiality, integrity and availability of sensitive information.
• Working knowledge of security frameworks and regulatory requirements such as NIST SP 800-171, CIS Controls, FERPA, GLBA, PCI-DSS, and privacy standards.
• Knowledge, appreciation and prioritization of principles and practices of project organization, planning, records management, and general administration.
• Working knowledge of IT enterprise operations, architecture, and IT as a Service.
• Strong understanding of vulnerability management principles, methodologies, and tools
• Familiarity with patch management processes, secure configuration standards, and system hardening practices.
• Working knowledge of common threat vectors, exploitation techniques, and the vulnerability lifecycle.
• Knowledge of risk management concepts, risk scoring, risk registers, and POA&M tracking.
• Familiarity with SOC reports, third-party risk assessments, and due diligence reviews.
• Ability to analyze vulnerability data, correlate findings with threat intelligence, and assess potential business impact.
• Skilled in interpreting scan results, identifying false positives, and validating remediation actions.
• Ability to perform root-cause analysis for recurring or high-risk findings.
• Strong attention to detail when documenting risks, findings, or compliance gaps.
• Ability to manage multiple assessments, findings, risks, and remediation efforts simultaneously.
• Skill in writing policies, standards, processes and procedures.
• Skill in leading and/or conducting audits, assessments or reviews of technical systems and processes.
• Effective verbal and written communication skills, presentation, and public speaking skills.
• Effective skills in developing and presenting educational or training programs.
• Effective planning, organizational and multi-tasking skills with minimal supervision.
• Ability to think critically and analyze information and situations; present findings and make recommendations.
• Ability to identify compliance and security needs independent of management direction.
• Ability to grasp technical concepts at all levels of computer systems, from system hardware components and architecture to system integration and implementations.
• Ability to work independently and as part of a team.
• Ability to advise, train, and motivate technical and non-technical individuals in regulatory compliance and information and systems security efforts.
• Ability to work effectively with an array of constituencies in a community that is both demographically and technologically diverse.
• Ability to communicate technical concepts and data to non-technical audiences.
• Ability to achieve goals through influence, collaboration, and cooperation.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to produce technical documentation.
• Ability to handle and maintain confidential information.
• Ability to exercise judgment when policies are not well-defined.
• Ability to think critically, analyze issues and solve sensitive and complex problems under pressure.

• Governance and Compliance:
o Maintain the GRC framework in alignment with organizational policies and regulatory requirements, including FERPA, GLBA, PCI-DSS, and other privacy regulations.
o Support compliance activities related to security frameworks such as NIST SP 800-171, CIS Controls, and PCI-DSS.
o Analyze requirements needed to comply with college policies and procedures, industry standards, and federal, state, and local regulations.
o Conduct regular reviews, assessments, and updates of policies, standards, and procedures to reflect changes in frameworks, regulations, and industry standards.
• Risk Management:
o Maintain and update the risk register with identified risks, assessments, mitigation strategies, and status updates.
o Evaluate and prioritize vulnerabilities based on severity, risk exposure, exploit likelihood, and business impact.
o Document risk exceptions in accordance with established policies, ensuring proper review and approval workflows.
o Document, track and communicate risk exceptions to relevant stakeholders to promote transparency and understanding.
o Perform risk assessments and prepare reports summarizing findings and recommendations for management.
o Monitor emerging risks, industry trends, and regulatory changes; recommend enhancements based on best practices.
• Security Controls Validation:
o Validate the implementation and effectiveness of security controls by conducting and participating in internal assessments and audits.
o Collaborate with IT and security teams to remediate identified control gaps and track follow-up actions.
• Third-Party Risk Management:
o Conduct assessments of third-party vendors, including reviewing and validating security and privacy documents, and compliance evidence.
o Ensure vendors meet organizational risk, security, and compliance requirements.
o Track vendor risks, findings, and remediation activities as part of the third-party risk management program.
• Vulnerability Management:
o Conduct regular vulnerability scans and assessments across networks, systems, applications, and cloud platforms.
o Analyze scan results to identify security weaknesses, misconfigurations, and areas of elevated risk.
o Correlate vulnerability data with current threat intelligence to assess exploitability and potential impact.
o Continuously monitor the environment for new vulnerabilities, zero-days, and emerging threats.
• POA&M Management:
o Maintain detailed tracking of vulnerabilities, including deadlines, remediation progress, ownership, and closure.
o Develop, manage, and update Plans of Action and Milestones (POA&Ms).
o Validate remediation actions to ensure vulnerabilities are effectively resolved.
o Participate in cross-functional remediation projects to ensure timely and effective risk reduction.
• Reporting & Documentation:
o Produce detailed reports on identified vulnerabilities, severity levels, business impact, and remediation status.
o Maintain documentation of assessment findings, remediation efforts, compliance standards, and audit requirements.
o Present management summaries and dashboards for leadership and governance committees.
• Training & Awareness:
o Deliver training sessions on risk management practices, compliance requirements, and security standards.
o Conduct training sessions to raise awareness on vulnerabilities, secure configurations, and mitigation best practices.
o Foster a culture of compliance and risk awareness across the organization.

Competencies:
• Decision Making
o Decisions may affect a work unit or area within a department. May contribute to business and operational decisions that affect the department.
• Problem Solving
o Problems are varied, requiring analysis or interpretation of the situation. Problems are solved using knowledge and skills, and general precedents and practices.
• Independence of Action
o Results are defined and existing practices are used as guidelines to determine specific work methods and carries out work activities independently; supervisor/manager is available to resolve problems.
• Communication and Collaboration
o Contacts and information are primarily within the job’s working group, department and/or campus.
o Contacts and information sharing are external to the job’s department, but internal to the campus/campuses (i.e. other departments/campuses, central administration/services such as Human Resources, Payroll, Finance, Facilities, Mail Services, Student Services, etc.)
o Contacts and information sharing are internal/external to the College, for the primary reason of scheduling, coordinating services, collaborating, etc.

Minimum Education, Training and Experience Required:
• Bachelor's degree from an accredited college or university with course work in cybersecurity and information technology or a related field, and/or any combination of education, training, and experience that provides the required knowledge, and expertise to perform the essential functions of the position.
• Three years of information security experience including conducting risk assessments/audits/reviews of information systems and assessing and/or mitigating information security threats/risk and/or three years of working experience with security requirements, systems, security architecture, as related to risk management.

Required Industry Certifications:

Certified in Risk and Information Systems Control (CRISC)
• Certified in Governance, Risk and Compliance (CGRC)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security+
• CompTIA Cybersecurity Analyst (CySA+)
• Certified Ethical Hacker) (CEH)
• GIAC Vulnerability Assessment
• Tenable/ Nessus certification

Responsibilities

• Lead the implementation and optimization of IBM Security Verify for Identity Governance on IBM mainframes
• Oversee the analysis and design of identity governance solutions
• Provide hands-on support for existing and new IAM solutions
• Collaborate with cross-functional teams to ensure security requirements are met
• Stay current on industry trends and best practices related to IAM on IBM mainframes

Tasks:

• Configure and manage IBM Security Verify for Identity Governance on IBM mainframes
• Collaborate with security and IT teams to develop IAM policies and procedures
• Perform regular audits and assessments of IAM controls
• Troubleshoot and resolve IAM-related issues in a timely manner
• Document and communicate IAM processes and guidelines to stakeholders

Success Metrics

• Successfully implement IBM Security Verify for Identity Governance on IBM mainframes within specified timelines
• Reduction in the number of security incidents related to IAM processes
• High satisfaction ratings from internal stakeholders on support and implementation processes
• Consistent compliance with industry regulations and standards related to IAM on IBM mainframes
• Efficient and effective IAM processes that streamline user access and maintain data security