Cybersecurity Specialist presso Carl Sandburg College, IL

About the Department

Purpose/position code/classification/level/work relationships

• Provide departmental and administrative support for the entire College community.
• MIDTIC18210
• Confidential, Level I
• Non-exempt, non-bargaining unit
• Reports to: Chief Information Officer
• Principal working relationships: IT staff, faculty, staff, and students

Position Duties

1. Monitor security logs, alerts, and reports from intrusion detection/prevention systems (IDS/IPS), firewalls, and Microsoft 365 security tools.
2. Escalate suspicious activities and assist with incident response investigations.
3. Document findings and contribute to playbooks and runbooks for recurring alerts.
4. Conduct periodic audits of physical security (locks, keycard systems, cameras).
5. Provide basic end-user support related to security best practices.
6. Stay up to date with emerging cyber threats, vulnerabilities, and security advisories, applying updates or mitigation strategies.
7. Support access control reviews and user account audits to ensure compliance with least privilege principles.
8. Participate in tabletop exercises and security awareness training initiatives.
9. Other duties as assigned.

1. The delivery and tracking of annual staff and student cybersecurity awareness training.
2. Developing educational materials, phishing awareness campaigns, and knowledge base articles.
3. Maintaining secure access to network closets, server rooms, and other sensitive areas.
4. Enforcing and documenting physical access policies.
5. Compliance of security frameworks and state/federal regulations (e.g., SOPPA, FERPA, PCI DSS).
6. Vulnerability management by scanning systems, analyzing results, and tracking remediation with IT teams.

1. Maintain a working knowledge of the college’s emergency procedures and actively participate in the college risk-management program.
2. Monitor conditions, events and circumstances that present risk to the college community. Intervene and/or report as specified in the college’s risk-management plan.

Minimum Qualifications

1. Associate’s degree in Cybersecurity, Information Technology, or related field OR equivalent experience/industry certification (e.g., CompTIA Security+) required.
2. Foundational knowledge of cybersecurity concepts (e.g., phishing, malware, firewalls, authentication).
3. Basic understanding of networking concepts (IP, VLANs, switches, routers).
4. Strong organizational and communication skills.
5. Ability to handle sensitive information with discretion.
6. Experience with Microsoft 365 security tools (Entra ID, Defender, Exchange Online) preferred.
7. Familiarity with SIEM tools or log monitoring platforms preferred.
8. Hands-on experience with intrusion detection/prevention or endpoint security tools preferred.
9. Exposure to compliance requirements in education or public sector preferred.
10. Spanish or French proficiency preferred.

Other Qualifications

Physical requirements to perform job functions

1. Basic dexterity skills (computer work, telephoning, and other office equipment).
2. General physical effort required includes sitting, bending, reaching, and some lifting (20 lbs. or less) and the ability to place a work order for anything over that limit