FIT NYC Deputy Director of Cyber & Endpoint Security

About Fashion Institute of Technology:

The Fashion Institute of Technology (FIT), part of the State University of New York and an internationally renowned college of art, design, business and technology with a strong emphasis on liberal arts, invites nominations and applications for a Deputy Director of Cyber & Endpoint Security.

Job Description:

The Fashion Institute of Technology seeks an experienced and highly capable cybersecurity leader to serve as Deputy Director, Cyber & Endpoint Security. Reporting to the AVP of IT Infrastructure Services / Chief Information Security Officer (CISO), this role serves as the senior operational leader supporting the day-to-day execution of FIT's cybersecurity program and helps safeguard the institution's systems, endpoints, networks, applications, and data.

This is a hands-on leadership role combining cybersecurity operations, endpoint security strategy, vulnerability management, incident response, governance, awareness training, and technical program execution. The Deputy Director partners across IT and campus stakeholders to strengthen FIT's cyber resilience while supporting the academic, administrative, and creative mission of the College.

Essential Functions:

Cybersecurity Operations & Enterprise Protection

• Lead day-to-day cybersecurity operations for the institution, including monitoring, threat detection, hardening, vulnerability management, endpoint protection, phishing defense, data protection, and remediation activities.
• Oversee security controls across institutional endpoints, servers, cloud platforms, mobile devices, and smart technologies.
• Manage security tools and services such as SIEM/log correlation, MDR/XDR, anti-malware, DLP, email security, intrusion detection/prevention, and vulnerability scanning platforms.
• Partner with infrastructure and engineering teams to ensure secure configurations, patching, image management, and lifecycle security practices.

Incident Response & Risk Management

• Lead or coordinate cybersecurity incident response activities including investigation, containment, recovery, root cause analysis, and communication.
• Maintain readiness for urgent or after-hours incidents requiring rapid response.
• Evaluate risks related to new technologies, vendors, systems, and business processes; recommend practical mitigation strategies.
• Lead vulnerability remediation planning and risk prioritization across enterprise systems.

Governance, Compliance & Policy

• Support institutional compliance obligations and security controls aligned with frameworks such as NIST, ISO, FERPA, PCI-DSS, and related standards.
• Assist in developing and maintaining cybersecurity policies, standards, procedures, and operational controls.
• Conduct or coordinate audits, control assessments, third-party security reviews, and documentation efforts.

Strategic Planning & Program Leadership

• Partner with the CISO on cybersecurity strategy, roadmaps, investments, and continuous improvement initiatives.
• Monitor emerging threats, technologies, and regulatory developments to inform institutional planning.
• Recommend enhancements that improve security maturity, efficiency, user experience, and cost effectiveness.
• Lead or support enterprise cybersecurity initiatives and cross-functional projects.

Security Awareness, Training & Communication

• Lead cybersecurity awareness programs for faculty, staff, and students including phishing simulations, training campaigns, events, and outreach.
• Provide expert guidance to IT teams and business stakeholders regarding cyber risk, secure practices, and operational controls.
• Prepare metrics, dashboards, and executive-ready communications for audiences ranging from technical staff to senior leadership.

Documentation & Operational Excellence

• Maintain security documentation, SOPs, knowledge articles, response playbooks, implementation plans, and operational reporting.
• Promote a culture of accountability, customer service, collaboration, and continuous improvement.

The preceding description is not designed to be a complete list of all duties and responsibilities required of the position; other duties may be assigned consistent with the classification of the position.

Requirements:

Minimum Qualifications:

• Bachelor's degree in Information Security, Computer Science, Information Systems, Enterprise Applications, Information Architecture, Engineering, Networking, or a related field.
• CISSP, CISM, or ISSMP certification.
• Minimum of five (5) years of relevant professional experience working within an information security/IT risk functional area, preferably with several years at a higher education institution.
• Experience administering or managing enterprise security technologies such as endpoint protection, vulnerability management, SIEM/log monitoring, identity/access controls, phishing defense, or incident response tools.
• Experience leading technical initiatives, coordinating cross-functional teams, and managing competing priorities.
• Experience developing or implementing security standards, procedures, or controls.

Preferred Qualifications:

• Experience in higher education.
• Experience supporting hybrid or remote workforce security models.
• Experience with JAMF, KACE, GPO, vulnerability scanners, cloud security tools, or SaaS security platforms.
• Experience leading awareness programs, phishing campaigns, audits, or regulatory compliance initiatives.
• Experience supporting strategic planning, budgeting, or cybersecurity program maturity efforts.
• Additional certifications in cloud security, privacy, audit, risk, or incident response.

Knowledge, Skills, & Abilities:

• Strong knowledge of cybersecurity principles, threat detection, endpoint security, systems hardening, patch governance, and incident response.
• Working knowledge of Windows, macOS, Microsoft Active Directory, and Google Workspace administration.
• Knowledge of cybersecurity frameworks and regulations including NIST, ISO, FERPA, and PCI-DSS.
• Knowledge of enterprise IT environments, cloud services, SaaS applications, and security operations best practices.
• Strong analytical, troubleshooting, problem-solving, and risk assessment skills.
• Strong verbal, written, and presentation communication skills.
• Strong project leadership, vendor management, and cross-functional collaboration skills.
• Ability to prepare executive summaries, dashboards, reports, and technical documentation.
• Ability to operate effectively during incidents and high-pressure situations.
• Ability to explain technical matters clearly to technical and non-technical audiences.
• Ability to influence stakeholders and lead through collaboration without direct authority.
• Ability to balance institutional accessibility, service needs, and cybersecurity priorities.
• Ability to manage multiple priorities with sound judgment and minimal supervision.

Additional Information:

Please note all offers of employment are contingent upon successful completion of the background check process.

Salary

Salary: $99,777.63 - $144,170.54 per year; commensurate with experience and qualifications.

Hiring Salary: $99,777.63 per year with step increments per Salary Schedule 96C, after one year of service and annually thereafter.

Work Schedule

Days/Hours: M-F, 9am-5pm, work schedule subject to change based on needs of the department.

Flexible Hybrid Schedule

Benefits

The Fashion Institute of Technology (FIT) provides comprehensive employee benefit programs designed to help keep our faculty and staff and their families healthy, safe, happy, and productive. Our programs also include a variety of components to help our employees improve the quality and balance of their work and family lives, and to help them prepare for their futures.

• Retirement Plans
• Health Care Plan and Dental Plan
• Employee Assistance Program
• Flexible Spending Account
• Commuter Benefit Plan
• FIT Tuition Exemption Program
• Paid Time Off (Vacation, Personal, Sick and Holidays)
• 4-day Summer Workweek
• Qualifying Employer for the Public Service Loan Forgiveness (PSLF) Program

For a full list of FIT benefits, visit our benefits webpage .

Pay Equity by State Employers

Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Governor's Office of Employee Relations at (518) 474-6988 or via email at [email protected].

Visa Sponsorship

This position is not eligible for visa sponsorship by the Fashion Institute of Technology.

Equal Employment Opportunity (EEO) Statement

FIT is firmly committed to creating an environment that will attract and retain people from a range of backgrounds. FIT is firmly committed to creating a learning and working environment that encourages, utilizes, respects, and appreciates the full expression of every individual's ability. The FIT community fosters its mission and grows because of its rich, pluralistic experience. FIT is committed to prohibiting discrimination, whether on the basis of race, color, creed, age, national origin, immigration or citizenship status, gender, sexual orientation, disability, marital status, partnership status, caregiver status, sexual and reproductive health decisions, uniformed service, height, weight, any lawful source of income, status as a victim of domestic violence or as a victim of sex offenses or stalking, whether children are, may be or would be residing with a person or conviction or arrest record, or any other characteristic protected by applicable federal, state, or local laws. FIT is committed to providing equal opportunity in employment, including the opportunity for upward mobility for all qualified individuals. Applications from veterans and persons with disabilities are encouraged. Inquiries regarding FIT's non-discrimination policies may be directed to the Chief Equal Employment Opportunity Officer/Title IX Coordinator, 212.217.3360.

Annual Security Report

The safety and well-being of FIT's students, faculty, staff, and visitors is of paramount importance. Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, FIT publishes an annual report containing crime statistics and statements of security policy, accessible here: Safety Statistics . A paper copy of the report will be provided upon request by contacting Public Safety's administrative office number at (212) 217-4999.

Physical Requirements and Work Environment

The working conditions for this position will be primarily in an office space. The physical requirement for this position will require constant sitting, occasional standing, occasional bending, occasional walking, and occasionally lifting 10 lbs. or less.

Application Instructions:

In order to be considered for this position, please submit the following documents online:

• Resume
• Cover letter
• Unofficial Transcript
• A list of three references with telephone numbers and email addresses

Returning Applicants - Login to your FITNYC Careers Account to check your submitted application material.

Review of applications will begin immediately until the position is filled.

Please note that due to the volume of applications, we will not be able to contact each applicant individually.

Additional information about the Fashion Institute of Technology can be found at: .