NYC Staffing
Chief Information Security Officer (CISO) | Information Technology
NYC Staffing, New York, New York, United States, 10001
Chief Information Security Officer (CISO)
Rockefeller University is seeking a strategic and forward-thinking Chief Information Security Officer (CISO) to lead and manage the university's information security program. Reporting to the Chief Information Officer (CIO), and working with the IT leadership team and members of the university's administration, the CISO will build upon the university's current security strategy to safeguard sensitive research data, regulated information, and infrastructure across academic and administrative domains. The ideal candidate will have experience in academic or research-intensive environments, a deep understanding of emerging cybersecurity threats, including those involving AI, and demonstrated success in integrating security practices within modern DevSecOps frameworks.

Key responsibilities include, but are not limited to the following:
- Define and lead the university's enterprise-wide information security strategy to support and advance research and business goals.
- Develop, implement, and maintain policies and procedures aligned with research compliance, grant requirements, and federal regulations.
- Identify and assess cybersecurity risks to scientific data, research systems, and enterprise infrastructure. Work with stakeholders to communicate, manage, and mitigate risks.
- Oversee cybersecurity incident response planning activities; investigate and manage response to security breaches as needed.
- Continuously evaluate and improve defenses against evolving threats, including those driven by generative AI and adversarial ML techniques.
- Implement scalable DevSecOps pipelines for secure code development, vulnerability scanning, and automated compliance testing.
- Stay abreast of how AI is both leveraged for cyberattacks and as a defensive tool.
- Cultivate a campus-wide culture of cybersecurity awareness through regular training and communication.
- Provide tailored guidance to faculty, lab managers, and data custodians handling sensitive and/or regulated datasets.
- Manage audits and assessments of security posture and readiness.
- Support and champion the university's data classification program.
- Additional duties and special projects as assigned.

Required qualifications:
- Master's degree in computer science, cybersecurity, information systems, or a related field.
- A minimum of ten (10) years of progressive experience in information security leadership roles.
- Must possess a deep knowledge of cybersecurity frameworks, federal research security requirements, and risk management practices.
- Experience with implementing practical security controls in Bring-Your-Own-Device ("BYOD") environments.
- Prior experience with securing hybrid computing and storage environments.
- Familiarity with the cybersecurity implications of artificial intelligence and machine learning.
- A demonstrated ability to lead diverse technical teams and communicate effectively with researchers, faculty, executives, and auditors.
- Prior direct support of scientific research infrastructure.
- Prior hands-on experience integrating security into agile development environments.

Preferred qualifications:
- Advanced degree is preferred.
- Prior experience in an academic or biomedical research setting strongly preferred.
- Experience deploying and managing DevSecOps pipelines.
- Relevant certifications preferred.

The Rockefeller University is an equal opportunity employer
veterans/individuals with disabilities. Qualified applicants will receive consideration for employment without regard to characteristics protected by applicable local, state or federal law, including but not limited to disability and protected veteran status.

The salary of the finalist selected for this role will be set based on various factors, including but not limited to organizational budgets, qualifications, experience, education, licenses, specialty, and training.

Compensation Range: Min USD $200,000.00/Yr.
Compensation Range: Max USD $245,000.00/Yr.