Overview
Our top-notch Information Security team quickly finds and responds to real time threats. These critical thinkers have a hunger to keep ahead of new exploits and security trends. They protect the vast trove of valuable data that passes through our in house and cloud servers each day. As a part of the Information Security leadership team, you''ll continue to uphold our reputation for integrity and protection of institutional data in this growing and ever-changing field. The Deputy Chief Information Security Officer (Deputy CISO) serves as the principal lead to the CISO and provides continuity of leadership for the Information Security program across all Touro University campuses and affiliates.
Responsibilities
Responsibilities include but are not limited to:
Serve as acting CISO when required, ensuring uninterrupted leadership of the Information Security function, including representing Information Security on governance committees (eg, Information Security Steering Committee), and providing guidance to IT leadership, campus CIOs, Deputy CIOs, and senior administrators on security matters, as needed
Operationalize the Information Security strategy, goals, and performance measures defined by the CISO through close collaboration and alignment with leadership priorities
Lead enterprise incident response activities, ensuring:
Alignment with documented incident response (IR) procedures and regulatory obligations
Coordination with the CISO, internal stakeholders, third party vendors, cyber insurance carriers, and legal counsel during incidents
Proper documentation, evidence handling, post incident reviews, and remediation tracking using institutional tools (eg, incident management platforms)
Manage daily information security operations, including administration of security software tools associated with:
On-going review and continuous improvement of data protection programs, and processes
Entitlement review program and processes
Vulnerability management program and process
Security monitoring, logging, and review processes, including identifying and reviewing logs, creating playbooks, and producing reports that can be used to detect and deter unauthorized access that may be a threat to the university data, employee, and student security
Ensure a consistent application of security policies across all campuses and systems, identifying exceptions and compensating controls, where necessary
Contribute to and lead in the development, review, and enforcement of information security policies, standards, and procedures, ensuring alignment with regulatory requirements (FERPA, HIPAA, GDPR, GLBA, etc) and institutional risk posture
In collaboration with the CISO, contribute to maintaining risk registers, control gap analysis, and mitigation strategies aligned with NIST CSF, NIST AI RMF and privacy frameworks; ensure risks, incorporate AI risks and all institutional risks are clearly mapped to HIPAA, FERPA, PCI DSS, and other regulatory obligations, with defensible documentation and audit-ready evidence
Qualifications
Education/Experience
Knowledge/Skills/Abilities
Certifications/Licensures
Travel
Working Conditions
Maximum Salary
USD $150,000.00/Yr.
Minimum Salary
USD $120,000.00/Yr.