The Talent Acquisition department hires qualified candidates to fill positions which contribute to the overall strategic success of Howard University. Hiring staff “for fit” makes significant contributions to Howard University’s overall mission.
At Howard University, we prioritize well-being and professional growth.
Here is what we offer:
- Health & Wellness: Comprehensive medical, dental, and vision insurance, plus mental health support
- Work-Life Balance: PTO, paid holidays, flexible work arrangements
- Financial Wellness: Competitive salary, 403(b) with company match
- Professional Development: Ongoing training, tuition reimbursement, and career advancement paths
- Additional Perks: Wellness programs, commuter benefits, and a vibrant company culture
Join Howard University and thrive with us!
https://hr.howard.edu/benefits-wellness
JOB PURPOSE:
The Senior Director of Cybersecurity will oversee and enhance the university's cybersecurity program within a sophisticated hybrid IT environment. This position combines visionary leadership typical of a cybersecurity executive with extensive technical expertise similar to that of a Security Architect and Engineer. The Senior Director will have primary accountability for securing the university's systems, applications, networks, and data, ensuring adherence to regulatory requirements, and guiding technical teams in initiatives focused on threat prevention and mitigation.
SUPERVISORY AUTHORITY:
The Senior Director of Cybersecurity will supervise a team of cybersecurity professionals, including managers, engineers, and analysts. This position holds the authority to make decisions regarding hiring, training, performance evaluations, and disciplinary actions within the cybersecurity department.
NATURE AND SCOPE:
Internal contacts include administrators, faculty, students and staff of the department and University and Howard University Hospital CIO. External contacts include vendors, consultants, investigators, auditors, etc. Collaborate closely with the Chief Audit and Compliance Officer.
PRINCIPAL ACCOUNTABILITIES:
- Develop and execute a university-wide cybersecurity strategy that aligns with Howard University’s goals and emerging threat landscapes
- Lead cross-functional cybersecurity governance initiatives, partnering with senior academic and administrative leaders to promote a security-first culture
- Design, implement, and continuously evolve a secure infrastructure architecture across hybrid environments (on-premises and Azure cloud), including identity management (Entra ID), network segmentation, Zero Trust, and secure access
- Evaluate and select enterprise-class security solutions: firewalls, IDS/IPS, SIEM (e.g., Microsoft Sentinel), endpoint detection and response (EDR), encryption, and data loss prevention (DLP)
- Conduct architectural risk analysis, threat modeling, and develop mitigation strategies for new and existing systems and applications
- Ensure identity and access management (IAM) policies align with least privilege and role-based access control principles
- Oversee real-time security monitoring, incident detection, and coordinated incident response efforts, utilizing SIEM and SOAR platforms
- Drive security assessments, penetration tests, and red/blue team exercises to proactively identify and resolve vulnerabilities
- Manage vulnerability management programs and ensure timely patch management across all systems
- Maintain and test business continuity and disaster recovery (BC/DR) plans related to information security incidents
- Coordinate with other departments to integrate cybersecurity measures into business processes
- Monitor and analyze security metrics to provide insights and recommendations to senior leadership
- Stay informed about the latest cybersecurity trends, threats, and technologies
CORE COMPETENCIES:
- Expert experience in the following:
- Windows Server Operating Systems, VMware
- Core enterprise roles such as Active Directory, Group Policy, RAIDUS\NPS, CAs
- Bare metal servers and data center configurations
- Falcon Crowdstrike
- Microsoft Azure (IaaS, PaaS, SaaS), Office 365, Entra ID, Azure Sentinel
- Hybrid cloud integrations
- Authentication protocols
- Threat Intelligence, Threat Hunting
- Proficient in securing firewalls, VPNs, and virtual environments (VMware/Hyper-V).
- Hands-on experience with Microsoft Defender Suite, Cisco DNA, and Cisco ISE
- Familiar with scripting for automation (e.g., PowerShell, Python) to streamline security operations
- Deep knowledge of secure software development lifecycle (SSDLC), DevSecOps principles, and CI/CD pipeline security
- Experience implementing TLS, SSL, VPN encryption, HSMs, and certificate lifecycle management
- Ability to lead cross-functional teams in promoting a culture of compliance and cybersecurity accountability across the enterprise.
- Demonstrated expertise in developing, implementing, and auditing cybersecurity policies, controls, and compliance frameworks within complex IT environments.
- Strong experience with cybersecurity risk management processes, including risk assessments, business impact analyses (BIAs), and control mapping.
MINIMUM REQUIREMENTS:
A Bachelor's degree from a four-year college or university in computer science/ Information Technology with a security concentration and a Master’s degree in business administration is highly desirable. Industry certifications in cybersecurity are preferred and 10 to 15 years of experience in information security. Minimum three years’ experience working with firewall, vulnerability scanning, intrusion detection products and authentication technologies and three years of experience with network security, incident response, auditing, intrusion detection, forensics, vulnerability assessments, and/or analytic tools; or equivalent combination of education and experience. One or more of the following: CISM, CISSP, CISA, CGEIT, CRISC, and, or other security certification.
Compliance Salary Range Disclosure
$160,000-$170,000