Sr. Director, IT Security Operations & Deputy CISO

About The Position

Requirements

• Proven ability to lead and develop a team in a fast-paced technical environment.
• Strong knowledge of one or more security frameworks.
• Proven ability to effectively communicate complex concepts to both technical and non-technical audiences at all levels of the organization.
• Strong knowledge of current and emerging enterprise IT technologies and services
• Business savvy to be able to translate and effectively communicate security concerns in business terms.
• Forward-looking, out of the box thinker able to challenge the status-quo to deliver innovative security strategies and services.
• Ability to respond to Cyber Security alerts and communicate during off hours is required.
• Bachelor’s degree required.
• Minimum 10 years of related experience, or an equivalent combination of training and experience preferred.
• Minimum 3 years of experience managing employees / leading a team preferred

Nice To Haves

• Master of Business Administration degree or equivalent experience demonstrating business acumen desired.
• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.

Responsibilities

• In collaboration with the CISO and other leadership, develop and maintain a multi-year strategy for the assigned area of responsibility aligned with NYPA’s risk appetite, IT & business strategies, threat trends and regulatory requirements.
• Oversee the development of information security capabilities and services, including the development of service line strategies, policies & standards, program & project portfolios and recommended staffing and delivery options.
• Guide and oversee the development of performance metrics and dashboards to monitor and control service performance and/or demonstrate business value.
• Prepare & deliver reports and presentations to senior management covering service performance, security threats and incidents and service enhancements.
• Coordinate efforts across Business Units, including network and telecommunications engineering and infrastructure, application services, HR, Legal and other groups to identify and address information security concerns within NYPA’s risk appetite.
• Act as an escalation point for security incident response or service delivery concerns.
• Perform financial oversight including the preparation and management of project and operational budgets.
• Manage employees including performance management, salary administration, succession planning and workload balancing.  Identify and recommend solutions to modify staff to meet NYPA needs.
• Measure and monitor cost, schedule, and performance including security metrics (KRI/KPI) of the security program.