Associate Director, IT Risk Management

Job description

Position Summary

The Associate Director, IT Risk Management plans, manages, and develops the Cyber Risk Management Program's processes and team to facilitate risk-based decision-making to prioritize projects, allocate budget and human resources. This technical leadership role of Associate Director, IT Risk Management, is the key critical resource and subject matter expert on: designing risk assessments; formalizing risk analysis methodologies; testing/audit tools; and expanding management of the electronic governance-risk-compliance program through the Relational Security Assessment Manager platform for optimal efficiency across all NYU operational and technical teams. This role requires collaboration with business units, schools, campuses and study-abroad sites to gather information regarding cyber risk management, requirements, and integration into reporting mechanisms for executive-level status dashboards. The Associate Director, IT Risk Management works directly with the Associate VP Global CISO to ensure alignment of priorities, and directives consistent with institutional and NYU-IT goals, and overall vision of the Associate VP Global CISO; and, is responsible for building out the cybersecurity IT Risk Management team including: hiring, setting goals, establishing metrics, monitoring performance, providing reviews, and establishing individual professional training and development plans. The team this role manages includes employees, contractors and student employees.


Reporting directly to NYU's Global CIO, the Associate VP Global Chief Information Security Officer leads the Office of Information Security (OIS) which is a high performance and highly technical team charged with the responsibility of mitigating cyber risks, minimizing the likelihood of a breach, and maintaining compliance with information security regulatory requirements for all of NYU.  OIS aims to evolve the maturity of the NYU Information Security Program through people, process and technology while maintaining alignment with university initiatives, IT goals and core beliefs.  OIS is made up of several functional areas including Operations Planning & Strategy, Security Architecture & Engineering, IT Risk Management, Detect Response & Forensics, IT Policy & Compliance and Security Awareness & Outreach.



We demonstrate our core beliefs everyday in our interactions, attitude and performance.


People at the heart of everything we do: We listen to our clients, and colleagues, and use our expertise to anticipate and address their needs.


Create space to innovate: We challenge assumptions and seek out fresh perspectives and new ways of thinking to fuel our productivity.


Right promise. Right delivery: We set clear goals and priorities, and execute with speed and agility to deliver better results.


Share information. Build trust: We engage in open and honest communications that reflect inclusiveness, fairness and respect for each other.


Teams and partnerships work. Boundaries don’t: We collaborate to maximize the value we bring to NYU because our best ideas come from working together.


Insist on excellence: We take pride in what we do, strive to improve constantly and hold ourselves accountable for the results.


Required Education:Bachelor's Degree or equivalent Information Assurance, Risk Management, Information Security, Computer Science or equivalentPreferred Education:Master's Degree Master's in Information Assurance, Risk Management, Information SecurityRequired Experience:10+ years 10+ years in IT Risk Management or equivalent and 7+ years 7+ years supervisory experience and 5+ years 5+ years governance-risk-compliance platformsRequired Skills, Knowledge and Abilities:Demonstrates the ability to communicate clearly and effectively both in writing and verbally with a wide variety of internal and external people, both in formal and informal circumstances, and where necessary to gain their agreement and acceptance, maintain confidentiality Ability to work on multiple efforts within tight timeframes while maintaining a commitment to quality, accuracy, and thoroughness; and, absorb complex technical information and communicate effectively to both technical and non-technical audiences. Demonstrates proficiency at managing, coaching, providing constructive feedback and inspiring high performance in others. Excellent collaboration and team building skills. Identifies measures or indicators of systems performance and the actions needed to improve or correct performance, relative to the goals of the system.

Additional Information

NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at Orientation/Gender Identity




Diversity Profile: University



View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 9/18/2020
Application Due: 10/18/2020
Work Type: