×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Project Manager IT Consultant Information Security

Chief Information Security Officer; CISO | Information Technology

Job in New York City, Richmond County, New York, 10261, USA
Listing for: ISACA
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, IT Project Manager, IT Consultant, Information Security
Salary/Wage Range or Industry Benchmark: 150000 - 200000 USD Yearly USD 150000.00 200000.00 YEAR
Job Description & How to Apply Below
Position: Chief Information Security Officer (CISO) | Information Technology

Organization Overview

The goal of Information Technology (IT) is to provide information resources and services to accelerate and support scientific research at The Rockefeller University. Our department is responsible for cyberinfrastructure,high-performance computing,bioinformatics,decision support,data analytics,cybersecurity,and the scientific and administrative software environment at the university. The department is in the midst of a major transition in culture,including the adoption of Dev Ops and Agile practices,the facilitation of self-service approaches,as well as a 'cloud first' deployment philosophy.
Overview

Rockefeller University is seeking a strategic and forward-thinking Chief Information Security Officer (CISO) to lead and manage the university’s information security program. Reporting to the Chief Information Officer (CIO), and working with the IT leadership team and members of the university’s administration, the CISO will build upon the university’s current security strategy to safeguard sensitive research data, regulated information, and infrastructure across academic and administrative domains.

The ideal candidate will have experience in academic or research-intensive environments, a deep understanding of emerging cybersecurity threats—including those involving AI—and demonstrated success in integrating security practices within modern Dev Sec Ops  frameworks.

Responsibilities

Key responsibilities include, but are not limited to the following:

  • Define and lead the university’s enterprise-wide information security strategy to support and advance research and business goals.
  • Develop, implement, and maintain policies and procedures aligned with research compliance, grant requirements, and federal regulations (e.g., NIST 800-171, NIH GDS, , GDPR, FISMA).
  • Identify and assess cybersecurity risks to scientific data, research systems, and enterprise infrastructure. Work with stakeholders to communicate, manage, and mitigate risks.
  • Work with Human Resources, the Office of General Counsel, external partners, and other stakeholders to support litigation hold implementations.
  • Oversee cybersecurity incident response planning activities; investigate and manage response to security breaches as needed.
  • Continuously evaluate and improve defenses against evolving threats, including those driven by generative AI and adversarial ML techniques.
  • Implement scalable Dev Sec Ops  pipelines for secure code development, vulnerability scanning, and automated compliance testing.
  • Stay abreast of how AI is both leveraged for cyberattacks (e.g., phishing, deepfakes, LLM-based social engineering) and as a defensive tool (e.g., anomaly detection, threat intelligence).
  • Cultivate a campus-wide culture of cybersecurity awareness through regular training and communication.
  • Provide tailored guidance to faculty, lab managers, and data custodians handling sensitive and/or regulated datasets.
  • Manage audits and assessments of security posture and readiness.
  • Support and champion the university’s data classification program; additional duties and special projects as assigned.
Qualifications

REQUIRED QUALIFICATIONS:

  • Master’s degree in computer science, cybersecurity, information systems, or a related field. A minimum of ten (10) years of progressive experience in information security leadership roles.
  • Must possess a deep knowledge of cybersecurity frameworks (e.g., NIST CSF, ISO 27001), federal research security requirements, and risk management practices. Experience with implementing practical security controls in Bring-Your-Own-Device (“BYOD”) environments.
  • Prior experience with securing hybrid (cloud computing and on premises) computing and storage environments, and a desire to support the university’s goal to embrace a “cloud first” transformative strategy. Familiarity with the cybersecurity implications of artificial intelligence and machine learning.
  • A demonstrated ability to lead diverse technical teams and communicate effectively with researchers, faculty, executives, and auditors.
  • Prior direct support of scientific research infrastructure, including high-performance computing (HPC), lab systems, or genomic data platforms.
  • Prior…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search