Jobs · Information Technology · New York

Chief Information Security Officer

The State University of New York · Albany, New York Metropolitan Area · 4 days ago
Information Technology$160k–$192k/yrFull-time

About the role

The Chief Information Security Officer (CISO) serves as the leading authority on information security within the State University of New York (SUNY) System. The CISO establishes and advances systemwide information security governance by translating Board-approved policies into actionable standards, procedures, and guidance that are implementable across diverse campus environments.

Responsibilities

  • Develop and execute a comprehensive cybersecurity strategy aligned with SUNY's mission, goals, and risk tolerance while providing strategic guidance to SUNY leadership on emerging cybersecurity threats, trends, and industry best practices.
  • Direct and implement a comprehensive cybersecurity risk management framework that quantitatively assesses potential impacts on SUNY's mission and operations.
  • Advise on security-affecting decisions and initiatives to align with SUNY's overall strategic objectives.
  • Provide leadership and direction to IT and Security Operations teams to administer security operations effectively, including monitoring, threat intelligence, incident response, vulnerability management and collaboration & intelligence sharing with New York State and other partners.
  • Maintain consistent engagement with leadership at SUNY campuses and SUNY affiliated entities.
  • Oversee incident response activities, ensuring timely notifications and effective response to security incidents and breaches.
  • Collaborate with the SUNY Risk and Compliance Office to ensure risk assessments are performed and recommend measures to mitigate information security risks.
  • Oversee the SUNY Information Security Working Group, a cybersecurity group comprising internal and external stakeholders to gain diverse insights on security strategies.
  • Advise on University-wide initiative on matters related to Information Security.
  • Provide guidance and advice around risk assessment and management processes across academic and administrative programs, ensuring alignment with organizational objectives.
  • Engage with key functional programs and stakeholders to advocate for the uniform application of SUNY information security policies and standards across all technology-based projects, systems, and services, while ensuring SUNY's compliance with relevant laws, regulations, and industry standards through enhancing and adapting the information security management framework.
  • Foster awareness of information security threats and risks while promoting adherence to applicable laws and regulations.
  • Promote a security-conscious culture across SUNY and provide training to faculty, staff, and students on cybersecurity best practices.
  • Manage and assess security risks related to external vendors and partners, ensuring compliance with contractual security requirements.
  • Develop and manage the CISO office budget, optimizing resource allocation to support security projects and initiatives aligned with SUNY's goals and priorities.

Requirements

  • Minimum Qualifications: Bachelor's degree in computer science, information technology, public administration, or a related field. Minimum of 10 years of progressive experience in information security, cybersecurity, or IT risk management, including at least 5 years in a leadership role.
  • Excellent communication, collaboration, and problem-solving skills.
  • Demonstrated experience developing and implementing enterprise-wide cybersecurity or information security programs within a complex, decentralized organization.
  • In-depth knowledge of cybersecurity best practices, standards, frameworks, and regulations (e.g., NIST, ISO, FERPA, HIPAA).
  • Strong understanding of information security technologies and tools, including network security, identity management, endpoint security, and cloud security.
  • Demonstrated experience in incident response management and handling security breaches.
  • Strong analytical and problem-solving skills, with the ability to make data-driven decisions and effectively manage risks.

Preferred Qualifications

  • Advanced degrees and multiple relevant certifications (e.g., CISSP, CISM, GSOM, CRISC, CGEIT, CISA, etc.).
  • Experience in leading information security initiatives in large, multifaceted government organizations or academic institutions.
  • Comprehensive knowledge of cybersecurity practices, standards, and regulations.
  • Demonstrated proficiency in managing security technologies and tools, incident response, and risk assessment.

Similar jobs

Security Officer

DK SecurityMuskegon, MI· Yesterday
Management$20/hrapply on joblinkapply.com

Security Officer

Northeast Regional Medical CenterKirksville, MO· 2 days ago
Information Technologyapply on fa-evxo-saasfaprod1.fa.ocs.oraclecloud.com

Security Officer

BayCare Health SystemMorton County, ND· 1 wk ago
apply on css-baycarehs-prd.inforcloudsuite.com

Security Officer

Roseshire Gaming ParlorRichmond, VA· 1 wk ago
Information Technology$17/hrapply on jobs.churchilldowns.com

Security Officer

Angel Of The Winds Casino ResortArlington, WA· 1 wk ago
Management$23/hrapply on angelofthewinds.hire.trakstar.com

Security Officer

Crouse HealthSyracuse, NY· 1 wk ago
OTHR$20–$24.24/hrapply on pm.healthcaresource.com