Returning Candidate?

Chief Information Security Officer and Director, Office of Information Security

Chief Information Security Officer and Director, Office of Information Security

Posting Number 
Location : Location 
US-NY-New York
Posted Date 
Compensation Grade 
Band 54
NYU IT (WS1170)

More information about this job

Position Summary

With NYU senior leadership, coordinate the development and implementation of an information security strategy and program. Plan and execute University-wide technology security initiatives; create and maintain security policy; lead security assessment efforts; lead security risk assessment efforts; direct, advise and collaborate with NYU units on secure system development life cycle, and cyber security protection programs appropriate to risks, business continuity & disaster recovery plans, and audit & governmental compliance practices; direct security operations of the Office of Information Security group. Communicate cyber security risks, issues and program status to University leadership as directed by management.


Required Education:
Bachelor's degree

Preferred Education:
Master's degree in Cyber Security or IT Risk Management.

Required Experience:
10 years' progressively responsible experience with complex technology security systems and issues. At least 5 years experience managing technical staff. Must be familiar with security compliance requirements, such as PCI, FERPA, HIPAA, Sarbanes-Oxley, and Gramm-Leach-Bliley.

Preferred Experience:
Risk management and assessment in a not-for- profit environment. Experience outsourcing security program components. Chief Information Security Officer experience, or equivalent authoritative and collaborative security role. CISA, CISM or other security certification/accreditation or its equivalent.

Required Skills, Knowledge and Abilities:
Demonstrated ability to influence key stakeholders, and successfully manage risk, change and innovation. Excellent organizational, communication, and problem solving skills. Proven ability to measure, report, and publicly communicate complex security decisions, situations, and impacts. Ability to work and effectively prioritize in a highly dynamic decentralized work environment. Demonstrated ability to deliver security solutions that meet organizational needs. Familiarity with ISO 27001 and NIST 800-53. • CISSP is required

Preferred Skills, Knowledge and Abilities:
Experience communicating complex subjects to executives. Experience creating a security program, using a security framework. Demonstrated ability to create new models for virtual security teams that include stakeholder departments.

Additional Information

EOE/AA/Minorities/Females/Vet/Disabled/Sexual Orientation/Gender Identity

Connect with us

Sign-up to let us know about your interest in an NYU Career.