Deputy Chief Information Security Officer

Job Locations US-NY-New York
ID
2026-13353
College
Administration
Position Type
Full-Time
Schedule Shift
Monday–Thursday, 9:00am - 5:30pm, Friday, 9:00am–3:30pm
Hours Per Week
36.5
Travel
As needed
Category
Information Technology
FLSA Status
Exempt
Location : Country
US

Overview

Our top-notch Information Security team quickly finds and responds to real time threats. These critical thinkers have a hunger to keep ahead of new exploits and security trends. They protect the vast trove of valuable data that passes through our in house and cloud servers each day. As a part of the Information Security leadership team, you'll continue to uphold our reputation for integrity and protection of institutional data in this growing and ever-changing field. The Deputy Chief Information Security Officer (Deputy CISO) serves as the principal lead to the CISO and provides continuity of leadership for the Information Security program across all Touro University campuses and affiliates.

Responsibilities

Responsibilities include but are not limited to:

  • Serve as acting CISO when required, ensuring uninterrupted leadership of the Information Security function, including representing Information Security on governance committees (eg, Information Security Steering Committee), and providing guidance to IT leadership, campus CIOs, Deputy CIOs, and senior administrators on security matters, as needed
  • Operationalize the Information Security strategy, goals, and performance measures defined by the CISO through close collaboration and alignment with leadership priorities
  • Lead enterprise incident response activities, ensuring:
    • Alignment with documented incident response (IR) procedures and regulatory obligations
    • Coordination with the CISO, internal stakeholders, third party vendors, cyber insurance carriers, and legal counsel during incidents
  • Proper documentation, evidence handling, post incident reviews, and remediation tracking using institutional tools (eg, incident management platforms)
  • Manage daily information security operations, including administration of security software tools associated with:
    • On-going review and continuous improvement of data protection programs, and processes
    • Entitlement review program and processes
    • Vulnerability management program and process
    • Security monitoring, logging, and review processes, including identifying and reviewing logs, creating playbooks, and producing reports that can be used to detect and deter unauthorized access that may be a threat to the university data, employee, and student security
  • Ensure a consistent application of security policies across all campuses and systems, identifying exceptions and compensating controls, where necessary
  • Contribute to and lead in the development, review, and enforcement of information security policies, standards, and procedures, ensuring alignment with regulatory requirements (FERPA, HIPAA, GDPR, GLBA, etc) and institutional risk posture
  • In collaboration with the CISO, contribute to maintaining risk registers, control gap analysis, and mitigation strategies aligned with NIST CSF, NIST AI RMF and privacy frameworks; ensure risks, incorporate AI risks and all institutional risks are clearly mapped to HIPAA, FERPA, PCI DSS, and other regulatory obligations, with defensible documentation and audit-ready evidence

Qualifications

Education/Experience

  • Bachelor's degree in Computer Science, Management Information Systems (MIS), Cybersecurity, or a closely related field required; major in Information Security preferred.
  • Five or more years of relevant experience in information security in a higher education leadership role is required.
  • Deep demonstrated knowledge of all aspects of Information Security domains and industry best practices associated with compliance frameworks.
  • Ability to translate NIST CSF and NIST RMF to business- friendly, non-technical terms for communicating with Senior Leadership.
  • Understanding and hands on use of tools that support information security (e.g., email security tools, vulnerability tools, incident reporting tools, etc.).

Knowledge/Skills/Abilities

  • Excellent communication skills and detail oriented.
  • Demonstrate knowledge and experience across a broad range of information security management technologies and processes, including identity provisioning, life cycle management, governance, separation of duties analysis, role management, access request systems, privileged access management, entitlement reviews, data loss prevention, firewalls, privacy, and incident response.
  • Must possess analytical and critical thinking and problem-solving skillsets, including defining severity of issues and demonstrating appropriate escalation for resolution and identifying trends that warrant immediate attention.
  • Must keep current with industry news and regulations, especially as they impact higher education.
  • Maintain good (digital) citizenship, while upholding, enforcing and abiding by all institutional policies.
  • Proficiency in Microsoft Office Suite including Word, Excel, Power Point, Outlook, Co-Pilot, Gemini+

Certifications/Licensures

  • CISM or CISSP required and CISA certification, strongly desired.

Travel

  • As needed to various Touro University Campuses.

Working Conditions

  • Possibility of Flexible Work Arrangements including remote work opportunities.
  • Extensive time sitting/working with computers.

Maximum Salary

USD $150,000.00/Yr.

Minimum Salary

USD $120,000.00/Yr.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed