Required Education:
Bachelor's Degree or equivalent combination of education and experience
Required Experience:
5+ years experience involving information technology and/or information security, compliance, or risk management.
Preferred Experience:
5+ years Experience with structured Information Security Enterprise Architecture practices, hybrid cloud deployments, and on-premise-to-cloud migration deployments. Experience in designing, implementing, and delivering security for cloud-native, distributed computing, and architectural solutions with the principle of 'Secure by Design.” Experience delivering information security expertise through a deep understanding of the academic and secure research environment, IT security technologies, and processes supporting the university research mission. Maintaining and applying understanding of NIST frameworks to public cloud solutions. Providing timely operational, technical, and consultative guidance to promote a secure and compliant technology environment by maintaining confidentiality and acting with the highest ethical standards.
Required Skills, Knowledge and Abilities:
Demonstrated understanding of IT security principles and concepts. Ability to communicate information and security concepts to non-technical audiences. Knowledge of cybersecurity applied to the cloud, data, applications, platforms, operating systems, and networks. Have a strong working understanding of information and cybersecurity architectural principles and models. Ability to develop cybersecurity standards and patterns. Strong ability to navigate an NYU multi-school and global campuses environment and build cross-functional relationships with the local IT and security leadership teams. Organized, process-oriented, and able to manage multiple concurrent work streams. Excellent written and verbal communication skills. Must be able to effectively communicate technically with strong understanding of Zero Trust, Privileged Access Management, and Identity Management to lead multifunctional projects or initiatives—knowledge of laws, regulations, and standards relevant to higher education.
Preferred Skills, Knowledge and Abilities:
Knowledge of advanced security controls and information security best practices. Knowledge of enterprise infrastructure and application monitoring tools. Familiarity with security frameworks such as CIS, NIST, ISO, and PCI-DSS. Familiarity with cloud architecture and security concepts. Working knowledge of computer network protocols, network security architecture, and computer architecture. Working knowledge of network systems, security principles, applications, and risk and compliance initiatives. Advanced knowledge of Risk assessment and Compliance processes and required supporting artifacts. Understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques, and attack vectors). Knowledge in developing processes and systems for building and maintaining high-performance computing and cloud systems and secure research enclaves in an efficient, compliant, and repeatable fashion.