About Fordham
Founded in 1841, Fordham is the Jesuit University of New York, offering an exceptional education distinguished by the Jesuit tradition to more than 16,000 students in its nine colleges and schools. It has residential campuses in the Bronx and Manhattan, a campus in West Harrison, N.Y., the Louis Calder Center Biological Field Station in Armonk, N.Y., and the London Centre in the United Kingdom.
The University offers a comprehensive benefits package that includes medical, dental, and vision insurance; flexible spending accounts; retirement plans; life insurance; short and long-term disability; employee assistance program (EAP); tuition remission; and generous time off.
Successful candidates should have a knowledge of and commitment to the goals of Jesuit Education.
Title of Position Director, Apps and Systems Security
Position Number A02445
FLSA Exempt
Scheduled Hours Per Week 35
Department Information Services
Campus Rose Hill
Work Arrangement Hybrid
Hybrid Policy: Please review the Hybrid Policy at www.fordham.edu/hybridpolicy.
Position Summary
Reporting to the Senior Director of DevOps Planning, the Director of Application and System Security is responsible for shaping and implementing the security strategy for applications and systems, both on-premises and in the Cloud.
This position ensures that security principles are integrated into the configuration of systems and the development and deployment of web applications across all stages. Additionally, this position collaborates closely with application and engineering teams to proactively address current and potential security threats and oversees the University’s system configuration management, maintains a secure Software Development Life Cycle (SDLC) program, and conducts regular audits, assessments, penetration tests, and vulnerability scans of systems and applications.
This position may require occasional evening, weekend, and holiday hours.
Essential Functions
Formulates, defines, and executes application and system security strategies aimed at enhancing the adoption of new technologies and assesses the effects of these technologies on intended audiences through comprehensive impact analysis.
Manages the overall system configuration to ensure security and compliance, and ensures security is a core component in system configurations and the development/deployment process of web applications at all phases.
Oversees the security aspects of running systems and applications in both Cloud and On-Prem environments.
Partners with application and engineering teams to safeguard against existing and emerging security threats.
Implements vulnerability scanning of applications to detect potential security issues and leads penetration testing initiatives to identify vulnerabilities.
Crafts communications strategies by developing key messaging elements and channels, establishing timelines for agreed-upon actions, and overseeing the execution of the strategy.
Is responsible for a secure Software Development Life Cycle (SDLC) program.
Performs periodic audits and assessments for system and application security.
Negotiates with vendors, partners, and internal departments to achieve optimal security outcomes.
Essential Functions Note This list is not intended to be an exhaustive list.
The University may assign additional related duties as necessary.
Management Responsibilities Guides work of other employees who perform essentially the same work and/or student workers. Organizes, sets priorities, schedules and reviews work, but is generally not responsible for final decisions in hiring, performance management or compensation.
Additional Functions
Formulates training strategies through the assessment of available materials, development of training plans, selection of appropriate delivery methods, and management of related risks and issues.
Required Qualifications: Education and Experience
Bachelor’s degree in computer science or a related field.
Minimum of six years of IT resource and security management experience, including performing Threat Modeling and integrating these practices into the product lifecycle, conducting Attack and Penetration assessments and reviews, implementing a successful, highly automated SDLC program and using application vulnerability scanning products and Security Information and Event Management (SIEM) tools.
Required Qualifications: Knowledge and Skills
Proficiency in authoritative standards, guidelines, and best practices in information security.
Knowledge of cloud computing, virtualization, Cybersecurity framework (CSF), and ITIL framework.
Proven ability in leading teams focused on System Security Architecture, Secure Development Lifecycle Management, Application Security (Web and Mobile), Cloud Technology and Security, Risk, and Compliance.
Proficiency in penetration testing.
Excellent verbal and written communication skills, including public speaking experience.
Strong analytical and problem-solving abilities.
Effective customer focus and management of client expectations.
Excellent collaboration and team-building capabilities.
Good organizational and time management skills.
Demonstrated ability in consensus building across business and technology teams.
Proven ability to develop and maintain vendor relationships.
Preferred Qualifications
Background in security or technology administration within a Higher Education setting or a comparably decentralized environment.
Previous experience in roles such as network, server, database, or application administration.
Proficiency in using Project Management tools, such as Microsoft Project.
Possession of relevant information security certifications, including but not limited to CISSP, CISM, CCSP, CISA, or GIAC.
Minimum Starting Salary $128,000
Maximum Starting Salary $160,000
Note Salary is commensurate with qualifications, experience, and skills.
Is this a Union position? No
Posting Number A885P
Number of Vacancies 1
Start Date N/A
Posting Date 06/26/2025
Special Instructions
EEO Statement
Fordham University is committed to excellence through diversity and welcomes candidates of all backgrounds.
Fordham University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Sitting Nearly Continuously
Repetitive Hand Motion (such as typing) Often
Hearing, Listening, Talking Often
Standing Seldom
Walking Seldom
Running Not Required
Bending, Stooping, Kneeling, squatting, Crouching, Crawling Not Required
Climbing stairs Not Required
Climbing ladders Not Required
Reaching overhead Not Required
Pulling, pushing Not Required
Shoveling Not Required
Lifting – up to 20 pounds Not Required
Lifting – up to 50 pounds Not Required
Lifting – over 50 pounds Not Required
Work Environment Office Environment: Employees are protected from weather conditions or contaminants, but not necessarily occasional temperature changes.
Read Full Description