Cornell University — Chief Information Security Officer

Cornell University is seeking the rare individual with expert information security knowledge and experience, the executive presence, gravitas, and communication skills to interact with and communicate to a sophisticated Board of Trustees and senior leadership team, and the ability to set and execute strategy and vision across a complex, decentralized organization to be its next Chief Information Security Officer (CISO).

The CISO provides direct leadership and management of the IT Security Office (ITSO). He/she sets direction and establishes campus priorities to reduce the risk and impact of cybersecurity intrusions by, to the extent possible, proactively preventing attacks through strategic engagement with appropriate external agencies together with investments in staff and contracted resources, technologies, policies, and communications. The incumbent creates and continuously improves a suite of effective and efficient security incident response procedures that enable the quickest and most effective reaction to cyber-attacks. The CISO will make decisions and lead security strategies that potentially affect every aspect of the Cornell infrastructure. Security decisions that are implemented within the central network can have diverse impact on the distributed units. This individual must understand the needs of the broader Cornell community, the requirements of the distributed units and the growing obligations for increased security.

The CISO provides general and specific leadership in the area of data security for both the central administrative functions as well as the distributed departments. He/she must help balance the computing needs of the university with the appropriate security measures to protect the data within the Cornell computing infrastructure and address the requirements in current and emerging international, federal, state and local legislation. This individual is also responsible for setting strategic direction and support for the federated authentication and authorization infrastructure. Decisions made in the context of this function greatly impact central services across the university and further impact services within local departments that rely on the central infrastructure.

The CISO will coordinate with the Director of IT Audit and other representatives of the internal audit function to assess university risk at both large and small scales and define appropriate safeguards to mitigate those risks.

Cornell is seeking candidates who possess a record of professional experience that demonstrates progressive responsibilities and significant senior-level management experience in a complex IT and IT Security environment. The CISO will ideally possess an in-depth understanding of a university academic environment and the roles and relationships of faculty, staff, students, and third-parties. Experience developing and/or supporting information technologies in a multi-platform, distributed environment, with responsibility for security of systems, networks and identity management technologies required.

The successful candidate should be highly collegial, consultative, have a non-hierarchical management style, the ability to develop and sustain collaborative relationships, and demonstrate commitment to cultural diversity and equal opportunity. Maintenance of a high degree of personal credibility and confidentiality is essential in this role due to the nature of the support and incidents this individual will be involved with.

Education and/or experience equivalent to a related master’s degree is required. Candidates must be proven leaders demonstrating a minimum of ten years prior experience managing cross functional teams in complex organizations including accountability for strategic planning, consensus building, organizational leadership, and technical performance. Coursework in computer science or information technology, and formal training or certification in IT security field, e.g., CISSP, is preferred. The successful candidate will be skilled at communicating with a Board of Trustees, senior level leadership, and both technical and non-technical audiences.

Cornell University has engaged Koya Leadership Partners to help in this search. Please submit applications, expressions of interest, and nominations to Liz Neumann, Tom Phillips, and Charlotte Harris here. The full position profile is available here.

No person shall be denied admission to any educational program or activity or be denied employment on the basis of any legally prohibited discrimination involving, but not limited to, such factors as race, color, creed, religion, national or ethnic origin, marital status, citizenship, sex, sexual orientation, gender identity or expression, age, disability, or protected veteran status. Cornell University is an affirmative action/equal opportunity employer.