Job Summary

• The Director provides strategic and operational oversight for three critical pillars of the University’s cybersecurity program: Security Engineering, Security Operations, and Information Compliance & Risk.
• This role is responsible for translating institutional vision into actionable plans, ensuring that Brown’s digital assets are protected through robust engineering, that security incidents are managed with precision, and that the University maintains a rigorous posture regarding IT risk and regulatory compliance.
• Acting as a key liaison between technical practitioners, University leadership, and administrative departments (including the Office of General Counsel and Brown Risk, Audit, and Compliance teams), the Director fosters a culture of continuous improvement and proactive risk management.

Matching Summary

Skills & Requirements

Key Requirements

• 10+ years of combined IT and IT security experience
• at least 3 years in a significant leadership role
• Proven management experience
• Experience with security operations, incident response, and security engineering
• Knowledge of privacy regulations (e.g., GDPR, CCPA, FERPA, HIPAA) preferred
• Industry certifications such as CISSP, CISM, CISA, or equivalent preferred
• Experience with vulnerability management, and security architecture
• Experience with cloud security (e.g. Azure, GCP, and AWS) preferred
• Knowledge of compliance frameworks and regulatory requirements (e.g. NIST 800-171 and PCI DSS)

Work Rights