Description

Georgia Tech seeks a visionary and collaborative leader with a distinguished record of outstanding accomplishment.  While no one person will embody all of the qualities enumerated below, the ideal candidate will possess as many of the following professional and personal characteristics:

• 10+ years of technology management experience, as well as experience in a university (or equivalent) environment.
• Strong interpersonal skills, the ability to organize resources and establish priorities, problem solving skills, and knowledge of office related computer applications.
• Demonstrated success in understanding research university business objectives and applying appropriate process or technology solutions.
• Strong skills in building professional relationships with peers both inside and outside of the institution.
• Knowledge of state and/or federal procurement processes and requirements.
• Strong knowledge of IT auditing and enterprise risk assessment.
• Knowledge of cyber security legal and policy issues.
• Ability to independently assess new technologies in the marketplace, determines relevance to the Georgia Tech mission, and plan for the acquisition and implementation of those technologies.
• This job requires advanced knowledge of strategic planning in a complex technology environment. 
• Experienced managing large IT or cybersecurity budgets.
• Team building, coaching, skills assessment and personnel evaluation skills are necessary.
• Ability to aggregate and prioritize multiple complex priorities. 
• Strong servant leadership philosophy skills are required to also include adaptive, agile, and versatile thinking in the face of rapid changes and uncertainty, situational awareness and assessment in making sound decisions, and aligning team and institutional values. 
• Strong skills in risk management and tolerance are also necessary.
• Experienced with securing and leading responsible adoption of emerging technologies with the security function and across the organization.  

Requirements

A key element of the AVP/CISO's role is working with Georgia Tech’s executive leadership team, external and internal leadership, stakeholders, and law enforcement agencies to determine acceptable levels of risk for the organization.  The AVP/CISO must be highly knowledgeable about the higher education environment (or can demonstrate equivalent experience) and ensure that information systems and data are maintained in a  secure mode while ensuring usability for The GT community.. The ideal candidate is a thought leader, a consensus builder, and an integrator of people, technology and processes. 

Specific responsibilities will include:

• Provide cyber security risk management leadership in support of the academic, research, and administrative mission and goals of the Institute.
• Define vision, mission, objectives, and goals of the Institute cyber security program, and manage the overall program to attain goals.
• Provide strategic budget management across organizational domains to maximize investments in information technology, while minimizing risk to appropriate levels.
• Engage with information technology and business leaders across GT to continuously improve customer experience and increase business impact. 
• Identify cyber threats and vulnerabilities; lead response efforts for all major cyber incidents, including partnership with USG and law enforcement agencies.
• Direct operations of the cyber security engineering activities across GT including design, development, and deployment of cyber security solutions that provide identification, prevention, detection, and response capabilities.
• Direct programs to continuously mature monitoring and response capabilities and direct operations for detecting incidents, respond to incidents, manage vulnerabilities, and lead the digital forensics program.
• Direct programs to continuously mature cyber security policy and compliance framework including to design, develop, and promulgate Institute cyber policy, standards and guidelines and ensure compliance with relevant regulations.
• Define cybersecurity metrics and reporting mechanisms to measure the ongoing success of the GT cyber security program, and regularly report the state of cyber risk to Institute executive leadership.
• Partner with Information Technology and Institute leadership to ensure institute initiative and programs incorporate appropriate controls and standards to manage risk and safeguard information/data assets belonging to, or entrusted to the Institute.
• Partner with Information Technology and other stakeholders across GT to develop innovative approaches to defend GT information systems and data including leveraging automation and emerging technologies such as generative artificial intelligence.
• Collaborate with the University System of Georgia and the Georgia Technology Authority to ensure Institute policies, the University System of Georgia, and the state support the efforts of the Institute.
• PREFERRED SKILL: CISSP (Certified Information System Security Certification), Masters Degree in Information Technology.