"Director of Information Security"

Director of Information Security

SUNY Brockport

Salary: $113,568.00 - $125,523.00 Annually

Location: SUNY Brockport

Job Type: Professional Full-Time

Job Number: 2500262

Division: Administration and Finance

Department: Information Technology Services (BITS)

Opening Date: 01/30/2026

SUMMARY

SUNY Brockport invites applications for the Director of Information Security. This role is responsible for maintaining, developing, and executing a comprehensive information security strategy and policies that support academic, research, and administrative functions. This strategic leader will report directly to the Chief Information Officer and will manage the Information Security Office (ISO), overseeing the direction of information security, managing audits, overseeing compliance, and serving as the primary authority on institutional cybersecurity.

JOB FUNCTIONS

Essential Functions:

• Strategic Leadership: Defines and implement the university-wide information security and privacy strategy, including governance, risk, compliance, and operational oversight.
• Risk & Compliance Management: Leads audits, regulatory compliance initiatives, and risk assessments to ensure adherence to federal, state, and institutional requirements, including GLBA and SUNY Information Security Policy 6900.
• Advises senior leadership and external partners concerning information security risks. This could include vendors, third-party technology, and AI-related initiatives.
• Oversees the day-to-day information security practices associated with phishing, user vulnerabilities, and departmental requests about information security.
• Manages student workers who support the Information Security Office's operations.
• Partners with IT units and campus leaders to embed security and privacy practices as well as reviews into technology planning, solution design, procurement, and change management.
• Develops and leads security awareness and education efforts for the university community and provides consulting support for departments using KnowB4.

REQUIREMENTS

Minimum Qualifications:

• Bachelor's degree from a college or university accredited by the U.S. Department of Education or an internationally recognized college or university
• Minimum of five years of progressive experience in information security, cybersecurity, risk management, or other IT leadership roles
• Strong understanding of security vulnerabilities, attack vectors, and countermeasures across major operating systems
• Excellent written and verbal communication skills

Preferred Qualifications:

• Strong understanding of NIST, ISO 27001, SOC 2, and GLBA
• Professional security certification such as CISSP, CISM, CRISC, or equivalent
• Knowledge of information security controls and administration
• Experience with higher education information security data compliance

ADDITIONAL INFORMATION

Work Schedule: 37.5 hours/week: Monday-Friday, 8 am-4 pm.

Benefits: This position is benefits eligible. Find out more about benefits at Careers@Brockport.

Application Instructions: This position is not eligible for visa sponsorship. Visit jobs.hr.brockport.edu to complete an application including your cover letter that addresses required and preferred qualifications, resume/CV, and contact information for three professional references.