Assistant Director, Information Security Operations

Lead the strategic and tactical planning, implementation, and continuous monitoring of the information security program and technical compliance for all clinical and administrative technology services at the Student Health Center (Washington Square, Brooklyn, and select global sites). Acting as the primary technical authority and subject matter expert, this role defines, develops, maintains, and implements policies, security architectures, and operational processes that enforce rigorous cybersecurity standards. Drive a culture of security awareness to minimize risk and ensure the confidentiality, integrity, and availability of sensitive information (including ePHI) owned, controlled, and processed within the Student Health Center, working in close partnership with central NYU Information Technology Services.

Required Education:
Bachelor's Degree in information technology, information systems, computer science, cybersecurity or relevant field.

Preferred Education:
Master's Degree in information technology, information systems, computer science, cybersecurity or a relevant field.

Required Experience:
7+ years of relevant professional level experience or equivalent combination. Must include experience managing information security operations, incident response, and risk management programs within a complex or regulated environment. Demonstrated experience with security toolsets (e.g., SIEM, DLP, vulnerability management), identity and access management solutions, and cloud-based technology platforms (i.e., Amazon/AWS Virtual Private Cloud, other cloud services, Citrix Workspace, etc.). Experience must also include budget projections, team leadership, building client relations, planning, developing, and implementing security policies, procedures, and projects; and supervising staff. Ability to communicate complex technical and security information effectively to non-technical staff, management, and leadership.

Preferred Experience:
10+ years of overall relevant experience in an information security or technology capacity. Experience in a management position within a health care delivery or higher education environment, leading a cybersecurity, risk management, or compliance program. Preferred experience includes securing clinical systems and web applications, working in a complex Windows and network environment, and deploying modern identity, endpoint, and cloud-based security products (i.e., Entra, Intune, Workspace ONE, AWS). Advanced experience executing vendor risk assessments, managing incident response, and ensuring adherence to stringent regulatory frameworks (e.g., HIPAA, FERPA) is highly desired. 5+ years Previous management experience with increasing responsibility and scope.

Required Skills, Knowledge and Abilities:
Excellent analytical, organizational, communication, interpersonal, problem-solving and time management skills. Proven ability to develop creative solutions to complex security challenges and communicate them effectively to both technical staff and clinical leadership. Demonstrated ability to integrate rigorous security controls, risk management protocols, and compliance requirements (e.g., HIPAA) into a coherent, secure, and encompassing environment across disparate departments. Deep knowledge of current cybersecurity frameworks, network security architecture, incident response, identity and access management (IAM), and emerging threat landscapes. Extensive knowledge of the information security field and the ability to align security operations with the strategic business and clinical goals of the Health Center. Skill in managing security information and event management (SIEM) and IT service management systems. Demonstrates a high level of accuracy, sound judgment, and swift decision-making, even under pressure. Strong project management skills.

Preferred Skills, Knowledge and Abilities:
Certification as CISSP. Programming skills in: SQL, Python, Powershell.

In compliance with NYC's Pay Transparency Act, the annual base salary range for this position is USD $130,000.00 to USD $170,000.00. New York University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and organizational considerations when extending an offer. This pay range represents base pay only and excludes any additional items such as incentives, bonuses, clinical compensation, or other items.

NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/nyugreen.

NYU is an Equal Opportunity Employer and is committed to a policy of equal treatment and opportunity in every aspect of its recruitment and hiring process without regard to age, alienage, caregiver status, childbirth, citizenship status, color, creed, disability, domestic violence victim status, ethnicity, familial status, gender and/or gender identity or expression, marital status, military status, national origin, parental status, partnership status, predisposing genetic characteristics, pregnancy, race, religion, reproductive health decision making, sex, sexual orientation, unemployment status, veteran status, or any other legally protected basis. All interested persons are encouraged to apply at all levels.