Job ID: 2020-7531 Type: NYU IT (WS1170) # of Openings: 1 Category: Technology New York University
The Senior Director, Policy & Compliance is the key source to establish, develop and maintain a proactive IT Policy & Compliance Plan which includes identifying legal and regulatory requirements, developing policy, tracking compliance, monitoring IT controls, planning the remediation of non-compliance, and resolution of issues; as such, works closely with all levels of the NYU workforce, including senior leadership and cross-functional units, to define scope, communicate related risk of non-compliance, make recommendations to resolve non-compliance, and provides progress and status of non-compliance remediation efforts. Some examples of key partners are Global Compliance Office, FERPA Office, IT leadership, and the Office of General Counsel. The Senior Director, Policy & Compliance works directly with the Associate VP Gloabl CISO to ensure alignment of priorities, and directives consistent with institutional and NYU-IT goals, and overall vision of the Associate VP Global CISO; and, is responsible for building out the Policy & Compliance team including: hiring, setting goals, establishing metrics, monitoring performance, providing reviews, and establishing individual professional training and development plans. The Senior Director, Policy & Compliance is responsible for leading, professionally developing and managing the performance of two employees.
About NYU IT -NYU IT CORE BELIEFS
We demonstrate our core beliefs everyday in our interactions, attitude and performance.
People at the heart of everything we do: We listen to our clients, and colleagues, and use our expertise to anticipate and address their needs.
Create space to innovate: We challenge assumptions and seek out fresh perspectives and new ways of thinking to fuel our productivity.
Right promise. Right delivery: We set clear goals and priorities, and execute with speed and agility to deliver better results.
Share information. Build trust: We engage in open and honest communications that reflect inclusiveness, fairness and respect for each other.
Teams and partnerships work. Boundaries don’t: We collaborate to maximize the value we bring to NYU because our best ideas come from working together.
Required Education: Master's Degree Information Security, Information Assurance, Management Information Systems, Computer Information Systems, Computer Science, Engineering or related field.
Preferred Education: Juris Doctorate (J.D.) or other related degree, such as, Master's in Business Administration with a concentration in Law.
Required Experience: 10+ years in an information security and/or information technology role requiring interaction with senior leadership, of which 7+ years are related to specific experience with information security and technical policy and compliance in a complex international environment. and 7+ years supervisory experience. and 7+ years with frameworks such as CIS, COBIT, NIST 800 series and ISO 2700x and their application to cybersecurity and IT policy and compliance
Preferred Experience: 5+ years higher education and 5+ years in an international setting and 5+ years conducting investigations
Required Skills, Knowledge and Abilities: Strong knowledge of specific compliance drivers, including: GDPR (General Data Protection Regulation), Shield Act, PCI-DSS (Payment Card Industry-Data Security Standards), GLBA (Gramm-Leach-Bliley Act), HIPAA Privacy and Security (Health Insurance Portability and Accountability Act), NYS DFS (New York State Department of Financial Services) Cybersecurity Regulation, Export Control (ITAR, EAR, OFAC), Controlled Unclassified Information (CUI), DMCA (Digital Millennium Copyright Information), FERPA (Family Education Rights and Privacy Act), FISMA (Federal Information Security Management Act), and Red Flags Rule for Identity Theft Prevention Working knowledge of frameworks such as COBIT, NIST 800 series and ISO 2700x and their application to policy and compliance Demonstrates the ability to influence others and communicate clearly and effectively with a wide variety of internal and external people, both in formal and informal circumstances, and where necessary to gain their agreement and acceptance. Ability to understand the implications of new information for both current and future problem-solving and decision-making and demonstrates a high commitment to quality. Knowledge of processes that build and sustain an environment that adheres to the highest standards of integrity, ethics and confidentiality. Effective interpersonal skills with excellent written and verbal communication abilities adjustable to audience Ability to work in a fast-paced and dynamic environment, simultaneously handling multiple priorities
Preferred Skills, Knowledge and Abilities: Awareness of Six Sigma, ITIL, and Project Management a plus.
NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/sustainability.
Founded in 1831, New York University is now one of the largest private universities in the United States. Of the more than 3,000 colleges and universities in America, New York University is one of only 60 member institutions of the distinguished Association of American Universities.