Location
Albany, New York Metropolitan Area
Salary
Not specified
Type
fulltime
Posted
Today
Job Description
Location:
Albany or New York City, NY
Category:
Professional Positions
Job Type:
Full-time
Posted On:
Tue Jun 30 2026
Job Description:
The Chief Information Security Officer (CISO) serves as the leading authority on information security within the State University of New York (SUNY) System. The CISO establishes and advances systemwide information security governance by translating Board-approved policies into actionable standards, procedures, and guidance that are implementable across diverse campus environments. This includes aligning SUNY's cybersecurity program with recognized frameworks (e.g., NIST), and developing and maintaining core governance functions such as compliance attestation, standards management, third-party risk oversight, incident coordination, and campus support. Collectively, these activities form an integrated approach to managing shared cybersecurity risk across institutions with varied operations, resources, and technical environments.
The CISO also plays a central role in shaping SUNY's long-term cybersecurity strategy. This includes evaluating and defining the appropriate balance between centralized services and campus-level responsibilities; guiding the development of a sustainable security operations model; and ensuring coordination across key capabilities such as identity and access management, logging, threat detection, and incident response. In addition, the CISO serves as a senior advisor to system leadership on emerging and enterprise-level risks, including artificial intelligence governance, large-scale data initiatives, identity management, and third-party/vendor risk. The role emphasizes strategic coordination across policy, funding, and operational domains to ensure that cybersecurity capabilities are scalable, sustainable, and aligned with systemwide priorities.
Duties And Responsibilities
- Develop and execute a comprehensive cybersecurity strategy aligned with SUNY's mission, goals, and risk tolerance while providing strategic guidance to SUNY leadership on emerging cybersecurity threats, trends, and industry best practices.
- Direct and implement a comprehensive cybersecurity risk management framework that quantitatively assesses potential impacts on SUNY's mission and operations.
- Advise on security-affecting decisions and initiatives to align with SUNY's overall strategic objectives.
- Provide leadership and direction to IT and Security Operations teams to administer security operations effectively, including monitoring, threat intelligence, incident response, vulnerability management and collaboration \& intelligence sharing with New York State and other partners.
- Establish strong and trusting relationships with leadership at SUNY campuses and SUNY affiliated entities.
- Maintain consistent engagement with leadership at SUNY campuses and SUNY affiliated entities that will foster collaboration and cooperation for SUNY cybersecurity priorities and strategies.
- Oversee incident response activities, ensuring timely notifications and effective response to security incidents and breaches.
- Collaborate with the SUNY Risk and Compliance Office to ensure risk assessments are performed and recommend measures to mitigate information security risks.
- Oversee the SUNY Information Security Working Group, a cybersecurity group comprising internal and external stakeholders to gain diverse insights on security strategies.
- Advise on University-wide initiative on matters related to Information Security.
- Provide guidance and advice around risk assessment and management processes across academic and administrative programs, ensuring alignment with organizational objectives.
- Engage with key functional programs and stakeholders to advocate for the uniform application of SUNY information security policies and standards across all technology-based projects, systems, and services, while ensuring SUNY's compliance with relevant laws, regulations, and industry standards through enhancing and adapting the information security management framework.
- Foster awareness of information security threats and risks while promoting adherence to applicable laws and regulations.
- Coordinate with SUNY Counsel and functional office experts to ensure that clear guidance is provided.
- Promote a security-conscious culture across SUNY and provide training to faculty, staff, and students on cybersecurity best practices.
- Manage and assess security risks related to external vendors and partners, ensuring compliance with contractual security requirements.
- Develop and manage the CISO office budget, optimizing resource allocation to support security projects and initiatives aligned with SUNY's goals and priorities.
Direct Reports
- Assistant Chief Information Security Officer.
Job Requirements
Minimum Qualifications:
- Bachelor's degree in computer science, information technology, public administration, or a related field.
- Minimum of 10 years of progressive experience in information security, cybersecurity, or IT risk management, including at least 5 years in a leadership role.
- Demonstrated ability to lead and mentor security teams effectively. Excellent communication, collaboration, and problem-solving skills.
- Demonstrated experience developing and implementing enterprise-wide cybersecurity or information security programs within a complex, decentralized organization.
- In-depth knowledge of cybersecurity best practices, standards, frameworks, and regulations (e.g., NIST, ISO, FERPA, HIPAA).
- Strong understanding of information security technologies and tools, including network security, identity management, endpoint security, and cloud security.
- Demonstrated experience in incident response management and handling security breaches.
- Excellent communication, leadership, and collaboration skills, with the ability to influence and build strong relationships at all levels of the organization.
- Strong analytical and problem-solving skills, with the ability to make data-driven decisions and effectively manage risks.
Preferred Qualifications
- Advanced degrees and multiple relevant certifications (e.g., CISSP, CISM, GSOM, CRISC, CGEIT, CISA, etc.)
- Experience in leading information security initiatives in large, multifaceted government organizations or academic institutions.
- Comprehensive knowledge of cybersecurity practices, standards, and regulations. Demonstrated proficiency in managing security technologies and tools, incident response, and risk assessment.
Additional Information
- Salary is dependent on a variety of factors, including but not limited to, experience, education, training, and certifications. The range for this position is $160,000 - $192,000 annually.
- This position will be based in Albany or New York City.
- Usual work schedule is full-time Monday-Friday with required schedule flexibility including night and weekend work as part of emergency operations center (EOC) liaison duties when necessary.
- The SUNY CISO is routinely available for travel and after hours work as needed.
- Excellent Benefit Package which includes: NYS health insurance, free dental and vision coverage, competitive retirement options, tuition assistance, parental leave at full pay, and generous vacation, sick, and holiday time.13 days of paid holidays per year; 21 days of vacation, and 21 days of sick time accrued each year. Please see our MC benefits summary for additional information.
- Management/Confidential appointments work under the leadership and discretion of the appointing authority and are not represented by a union.
Applicants must be currently authorized to work in the United States on a full-time basis. VISA sponsorship is not available for this position.
SUNY System Administration Benefits
SUNY System Administration provides an outstanding and comprehensive benefits package to support you and your family through the many life changes you may experience while you work for SUNY. Our nationally recognized benefits include:
- Retirement: The choice between a fully funded pension plan and a self-driven defined contribution plan, along with two supplemental plans to increase your ability to save for retirement.
- Health Insurance: Several health insurance options at an affordable cost that provide full coverage without mandatory deductibles.
- Time Off: Paid time off with separate vacation and sick leave accruals up to 21 days a year for each category.
- Additional paid leave policy options for childbirth, adoption, elder care, and other family care situations.
- Explore our full benefits offerings here: www.suny.edu/benefits
Looking for more opportunities?
Browse thousands of graduate jobs and entry-level positions.