Position Classification Description

Position Class Code / Title: E2060 / Cybersecurity Engineer 2
Recruitment Tier: Tier 1
FLSA: Exempt
Grade: 14
HR Review/Approval:RVIEW

This is a description of a Staff Position Classification. It is not an announcement of a position opening. To view descriptions of current openings, please go to UNMJobs and Search Postings to view positions that are currently accepting applications.

The following statements are intended to describe, in broad terms, the general functions and responsibility levels characteristic of positions assigned to this classification. They should not be viewed as an exhaustive list of the specific duties and prerequisites applicable to individual positions that have been so classified.

Summary

Under general direction, supports all components of UNM's cybersecurity programs. Requires advanced knowledge of cybersecurity regulations and practices. May supervise or provide functional direction to assigned staff and/or student employees. Positions in this classification are reserved for units reporting to the Chief Information Officer.

Duties and Responsibilities

  1. Assists the University's cybersecurity program and initiatives to ensure University information and information systems are adequately safeguarded as required by laws, regulations, and University policies and procedures. Supports projects and technologies designed to address cybersecurity risks.
  2. Assists in recommending and developing projects and deploying technologies to address cybersecurity risks.
  3. Monitors and assists with the development and implementation of University cybersecurity processes and systems.
  4. Implements, tests, monitors, and maintains new cybersecurity technologies including but not limited to firewalls, intrusion detection systems, extended detection and response tools, vulnerability scanning tools, security threat intelligence services and tools, and security information and event management tools.
  5. Participates in cybersecurity policy and process development, implementation, and communications.
  6. Leads cybersecurity incident and data breach response activities, as assigned.
  7. Provides support for authorized investigations, as assigned.
  8. Develops and maintains materials for cybersecurity education/awareness programs.
  9. Maintains advanced knowledge of relevant cybersecurity laws and regulations, and corresponding technologies.
  10. Identifies and develops effective working relationships and lines of communication with internal and external partners.
  11. Participates in the research and recommendation of improvements to the effectiveness and efficiency of cybersecurity services and solutions.
  12. Performs miscellaneous job-related duties as assigned.

Minimum Job Requirements

  • Bachelor's degree; at least 3 years of progressively responsible experience directly related to the duties and responsibilities specified.
  • Completed degree(s) from an accredited institution and/or experience that is directly related to the duties and responsibilities specified may be interchangeable on a year-for-year basis.

Knowledge, Skills and Abilities Required

  • Maintain currency of knowledge with respect to relevant laws and regulations related to cybersecurity.
  • Demonstrated verbal and written communication skills for both technical and non-technical audiences.
  • Ability to supervise and train assigned staff and/or lead cross-functional teams.
  • Demonstrated skills in the design, development, implementation, maintenance, and testing of complex cybersecurity solutions according to organizational requirements.
  • Advanced problem analysis and resolution skills as applied to cybersecurity concepts and services.
  • Advanced knowledge of one or more scripting languages such as BASH, PowerShell, Python, or Ruby.
  • Proficiency and advanced experience with various system administration knowledge domains including but not limited to operating systems (i.e. GNU/Linux and/or Windows Server); DNS, DHCP, IPAM; routing and switching; event monitoring; directory services; and infrastructure as code tools.
  • Ability to assist with the assessment and development of security controls of existing and/or proposed systems.
  • Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.
  • Advanced skills in organizing efforts and resources and adjusting work priorities in response to University priorities.

Distinguishing Characteristics

    a) Includes rotating on-call primary cybersecurity incident and breach response duties; b) Ability to operate on a scheduled 24-hour on-call basis; c) Expertise includes cybersecurity process design and corresponding technologies; d) Provides informal leadership to lower level staff and guidance to staff in other departments/unit; and e) Knowledge of relevant state-of-the-art cybersecurity technologies.

Conditions of Employment

  • Must pass a pre-employment criminal background check.
  • Requires professional-level cyber security certification.
  • Must maintain certification status.

Working Conditions and Physical Effort

  • No or very limited physical effort required.
  • No or very limited exposure to physical risk.
  • Work is normally performed in a typical interior/office work environment.

The University of New Mexico provides all training required by OSHA to ensure employee safety.

Revised Date: 02/01/2024