Director of Information Security Engineering

About The Position

Requirements

• 10+ years of progressive cybersecurity experience
• 5+ years in a senior technical leadership role overseeing architecture or engineering functions.
• High School Diploma or equivalent (i.e. GED)
• Professional Certification(s): CISSP, ISC2 Certifications, GIAC.
• Experience as a security engineer or architect across at least two core disciplines (Platform Security, Application Security, AI Security, Cloud/Infrastructure Security, Data Security, DSPM)
• Experience securing Azure PaaS/IaaS, Microsoft 365, Microsoft Fabric, or similar.
• Experience as an engineer or architect across multiple security domains: zero trust architecture, application security, cloud security (Azure), identity and access management, network security, endpoint protection, data security, and security automation.
• Experience with AI and machine learning applications in cybersecurity, including familiarity with AI-enabled security tools, LLM-related risks, and emerging threats associated with enterprise AI adoption.

Responsibilities

• Drive organizational and cultural change within the team, promoting a growth mindset, accountability, and engineering excellence while building alignment and demonstrating measurable progress.
• Establish and promote modern security engineering practices, including infrastructure-as-code, security-as-code, zero trust architecture, and DevSecOps integration across the university's technology ecosystem.
• Be an internal change agent, advocating for security modernization across ITS and with university leadership.
• Provide authoritative technical direction across security architecture and engineering disciplines, including network and cloud security, endpoint and data protection, application security, and security tooling platforms.
• Lead the security architecture practice including defining clear service parameters, setting high technical standards, reviewing architecture decisions, and ensuring solutions are forward-looking, practical, and aligned to risk posture.
• Own the university's enterprise security reference architecture, ensuring it reflects current threat landscapes, regulatory requirements (NIST 800-171, GLBA, FERPA, etc.), and modern delivery models including cloud-native and hybrid environments.
• Evaluate, select, and oversee implementation of security technologies with disciplined focus on reducing complexity, improving efficacy, and enabling automation.
• Establish and lead the ISMO's strategy for applying AI and machine learning to advance security engineering capabilities and tooling.
• Partner with governance, risk, privacy, and AI stakeholders to assess and address security risks introduced by AI adoption including shadow AI, generative AI data exposure, and risks introduced by autonomous AI agents operating within enterprise environments.
• Stay current with the rapidly evolving AI security landscape and serve as a subject matter authority to the D-CISO, senior IT leadership, and AI leadership on both AI-enabled security and AI-security related risk.
• Identify opportunities to leverage automation and AI to increase the team's capacity and capability without proportional headcount growth.
• Partner with the Deputy CISO to define a multi-year Security Architecture and Engineering strategy, translating vision into actionable roadmaps, funded initiatives, and measurable outcomes.
• Develop and present compelling business cases to the Deputy CISO and CISO to secure funding, headcount, and organizational support for strategic initiatives.
• Build and manage a portfolio of security initiatives, ensuring alignment to institutional risk priorities, compliance obligations, and technology strategy.
• Collaborate with the AVP of Governance, Risk, Compliance and Privacy to ensure architecture and engineering decisions are grounded in risk and that controls are implemented effectively and measurably.
• Lead, develop, and retain a team of security architects, engineers, and managers — creating clear career paths, fostering technical excellence, and building a high-performing culture.
• Design and evolve the team structure, capabilities, and leadership depth required to deliver the future-state vision, aligning talent and resources to strategic priorities while developing both managers and individual contributors.
• Recruit and onboard talent capable of delivering the future-state vision, including individuals who bring skills the current team does not possess.
• Set clear expectations for performance, accountability, and continuous improvement across the team.
• Serve as a mentor and technical escalation point for architects and engineers navigating complex problems.
• Advise the Deputy CISO, CISO, and ISMO leadership team on security architecture, engineering trends, and emerging risks.
• Engage effectively with university stakeholders across business units, translating technical concepts into business and mission impact.
• Represent the security architecture and engineering function in governance forums, project review boards, and vendor negotiations.

Benefits

• High-quality, low-deductible medical insurance
• Low to no-cost dental and vision plans
• 5 weeks of paid time off
• Paid holidays
• Employer-funded retirement
• Free tuition program
• Parental leave
• Mental health and wellbeing resources