Associate Vice President - NYU IT

Position Summary With NYU senior leadership, coordinate the development and implementation of an information security strategy and program. Plan and execute University-wide technology security initiatives; create and maintain security policy in coordination with the Information Security Advisory Group (ISAG) and NYU IT Policy and Compliance; lead security assessment efforts; lead security risk assessment efforts; direct, advise and collaborate with NYU units on secure system development life cycle, and cyber security protection programs appropriate to risks, business continuity & disaster recovery plans, and audit & governmental compliance practices; direct security operations of the Office of Information Security group. Communicate cyber security risks, issues and program status to University leadership and the NYU community as directed. Qualifications Required Education: Bachelor's degreePreferred Education: Master's degree in Cyber Security or IT Risk Management.Required Experience: 10 years' progressively responsible experience with complex technology security systems and issues. At least 5 years experience managing technical staff. Must be familiar with security compliance requirements, such as PCI, FERPA, HIPAA, Sarbanes-Oxley, and Gramm-Leach-Bliley.Preferred Experience: Risk management and assessment in a not-for-profit environment. Experience outsourcing security program components. Chief Information Security Officer experience, or equivalent authoritative and collaborative security role. CISA, CISM or other security certification/accreditation or its equivalent. Required Skills, Knowledge and Abilities: Demonstrated ability to influence key stakeholders, and successfully manage risk, change and innovation. Excellent organizational, communication, and problem solving skills. Proven ability to measure, report, and publicly communicate complex security decisions, situations, and impacts. Ability to work and effectively prioritize in a highly dynamic decentralized work environment. Demonstrated ability to deliver security solutions that meet organizational needs. Familiarity with ISO 27001 and NIST 800-53, and emerging security standards for restricted and sensitive data. Preferred Skills, Knowledge and Abilities: Experience communicating complex subjects to executives. Experience creating a security program, using a security framework. Demonstrated ability to create new models for virtual security teams that include stakeholder departments in a collaborative model. Additional Information EOE/AA/Minorities/Females/Vet/Disabled/Sexual Orientation/Gender Identity #J-18808-Ljbffr

Created: 2025-02-01