The mission of The University of Texas M. D. Anderson Cancer Center is to eliminate cancer in Texas, the nation, and the world through outstanding programs that integrate patient care, research and prevention, and through education for undergraduate and graduate students, trainees, professionals, employees and the public. The Director Cybersecurity serves a key member of the Cybersecurity leadership team and will act as a consensus builder, problem solver, and team leader for the overall cybersecurity organization. The Director Cybersecurity is a critical role that requires an individual with a strong technical background as well as innate understanding of balancing security requirements with business objectives. The Director Cybersecurity will act as an empowered team member with the Chief Cybersecurity Officer (CCSO) during planning and design initiatives to ensure security measures are incorporated into the IT strategy and priorities. In this role, the Director Cybersecurity must also articulate and intimately understand technical and complex Cybersecurity threats, methodologies, frameworks, technologies, and architectures. They should draw from previous hands-on experience to navigate technical decisions and challenges. This deep level of knowledge and fundamental understanding is critical to appropriately communicating, prioritizing, and mapping disparate technical data to actionable business risks - as well as holding others accountable. The Director Cybersecurity will assist with the consolidation of cybersecurity tools and the simplification and automation to streamline operations and the overall security architecture. JOB SPECIFIC COMPETENCIES - Department Management Oversees the Cyber Risk Management team who conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data: Software as a service (SaaS) providers Cloud/infrastructure as a service (IaaS) providers Managed service providers (MSPs) - Collaboration/Coordination Coordinates with the Chief Data Officer and office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured. - Architecture Work with Cyber Operations, Cyber Risk Management and Cyber Account Services to baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM), and other initiatives. - Assurance Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable. - Management Oversees the team who evaluates statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assesses the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required controls. REQUIREMENTS Education: Bachelor's Level Degree Preferred Education: Master's Level Degree Certification: ISC2 - CISSP Experience: Fifteen years of cybersecurity experience to include five years of management. Preferred Experience: Experience with cyber risk management, GRC technologies, account services, disaster recovery, operations and cyber architecture design. It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html Additional Information + Requisition ID: 172424 + Employment Status: Full-Time + Employee Status: Regular + Work Week: Days + Minimum Salary: US Dollar (USD) 220,000 + Midpoint Salary: US Dollar (USD) 240,000 + Maximum Salary : US Dollar (USD) 259,000 + FLSA: exempt and not eligible for overtime pay + Fund Type: Hard + Work Location: Hybrid Onsite/Remote + Pivotal Position: No + Relocation Assistance Available?: Yes + Science Jobs: No \#LI-Hybrid