
Senior Director, Information Security

Job in Cambridge, Middlesex County, Massachusetts, 02140, USA
Listing for: Broad Institute
Part Time position
Listed on 2026-05-08
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly

Description & Requirements

The Senior Director, Global Information Security and Risk, is the senior-most leader accountable for the organization's enterprise-wide information security posture, risk management, and compliance maturity. Reporting to the CIO, this role provides strategic direction, technical authority, and operational oversight for security across enterprise IT, cloud platforms, research environments, and external partnerships.

Operating at the intersection of academia and industry, the Senior Director ensures that security enables scientific innovation while meeting the expectations of commercial partners, regulators, and funding organizations. This role translates executive risk tolerance and institutional priorities into a coherent, defensible, and scalable security program, and ensures consistent execution through strong domain leadership across Enterprise & Cloud Security, Security Operations, and Risk Management.

The Senior Director is the primary authority on security risk, control effectiveness, and program maturity, and serves as a trusted advisor to executive leadership on the organization's readiness to engage in increasingly complex industry partnerships.

This role is a hybrid position, requiring 3 days a week onsite at our office in Cambridge, MA.

What You Will Be Doing
  • Define, own, and continuously mature the organization’s global information security and risk strategy, aligning security investments with institutional mission, growth objectives, and partnership requirements.
  • Establish and maintain a multi-year security roadmap that integrates enterprise, cloud, application, data, and operational security capabilities.
  • Own the enterprise security risk management program, including risk identification, assessment, prioritization, and reporting, and maintain the authoritative enterprise risk register.
  • Translate executive and board-level risk tolerance into actionable security architectures, control frameworks, and operational priorities.
  • Provide oversight and direction to Associate Directors and senior leaders across Enterprise & Cloud Security, Security Operations, and GRC, ensuring clear accountability and consistent execution.
  • Build, mentor, and sustain a high-performing security leadership team with strong technical depth and management capability.
  • Own the overall Information Security budget, including planning, prioritization, forecasting, and investment decision-making.
  • Govern strategic security tooling, vendor relationships, and managed service providers to ensure architectural coherence and measurable value.
  • Lead the maturation of the organization’s compliance and assurance posture, supporting frameworks such as HIPAA, NIST, ISO 27001, SOC 2, FISMA, and related standards.
  • Ensure security controls are not only compliant but operationally effective, repeatable, and auditable, supporting both regulatory obligations and partner due diligence.
  • Serve as the senior technical authority during audits, assessments, and industry partner security reviews.
  • Act as the primary security advisor to the CIO and executive leadership, providing clear, accurate insight into security posture, risk trends, and investment needs.
  • Develop and deliver executive- and board-level reporting on security risk, incidents, program maturity, and strategic initiatives.
  • Own executive-level oversight of security incident response, ensuring preparedness, effective coordination, and durable remediation.
  • Partner with Legal, Compliance and Data Privacy, Research, Engineering, IT, Finance, and external stakeholders to embed security into institutional initiatives by design.
  • Drive continuous improvement and security transformation through automation, standardization, and scalable security platforms.
What You Bring Along
  • Bachelor’s degree in Computer Science, Information Security, Engineering, or equivalent professional experience.
  • 15+ years of progressive experience in information security, with at least 10+ years leading large, multi-domain security programs and teams.
  • Demonstrated experience operating at the senior executive level in complex, regulated, and research-driven environments.
  • Deep understanding of enterprise and…
Position Requirements
10+ Years work experience