Job Details

Cybersecurity Manager

Position Number: 6901785
Location: Albany, NY
Position Type: Computing - Network/System Administration

Cybersecurity Manager

About The Research Foundation for SUNY:

The Research Foundation for The State University of New York (RF) is the largest comprehensive university-connected research foundation in the country.

Our mission is to provide talent, services, and technology that empower SUNY to research, innovate, and transfer discoveries that transform the world's knowledge economy.

Our vision is to make SUNY the best place for faculty, students, and staff to research, innovate and solve the world's most pressing problems.

The RF serves SUNY by providing essential administrative services that enable faculty to focus their efforts on educating students and performing life-changing research across a wide range of disciplines including Artificial Intelligence, Clean Energy, Biotechnology, Longevity, Substance Addiction, Nextgen Quantum Computing, Environmental Health, and Resiliency. We work with the academic and business leadership of SUNY campuses to facilitate research and discovery by administering sponsored projects and delivering intellectual property and technology transfer services that fuel innovation and move ideas and inventions to the marketplace.

The RF is committed to diversity, inclusion, and a working environment that enhances productivity creates personal and professional opportunities, unleashes everyone's full potential, and fuels innovation. We hold the organization and each other to the highest standards of integrity, accountability, and ethical behavior.

Visit www.rfsuny.org and connect with us on Facebook, Twitter, and LinkedIn. Learn about SUNY at www.suny.edu.

Job Description:

FUNCTION AND SCOPE

The Cybersecurity Manager is responsible for leading the evaluation, implementation, and ongoing operation of the organization's information security program to ensure that information assets and associated systems, applications, infrastructure, and processes are adequately protected.

Reporting to the Chief Information Security Officer (CISO), this role is accountable for managing cybersecurity risk across the organization, overseeing security operations and governance processes, and ensuring compliance with applicable legal, regulatory, contractual, and sponsor requirements.

This position requires a strategic, hands-on leader with strong technical breadth, proven leadership ability, and deep experience operating in regulated, research, or government-funded environments. The Cybersecurity Manager works cross-functionally with ITS, Compliance, Legal, Sponsored Programs, Data Governance, Human Resources, campuses, system partners, and external agencies to implement and sustain effective security practices aligned with organizational risk tolerance and business objectives.

A key responsibility of this role is partnering with leadership and stakeholders to define acceptable risk levels, translate risk into business terms, and ensure that security controls and investments are aligned to institutional priorities.

KEY RESPONSIBILITIES

Lead and operate the organization's cybersecurity risk management program, including risk identification, assessment, treatment, and reporting.
Oversee third-party and vendor security risk management, including security reviews of cloud services, applications, AI tools, and external service providers.
Direct vulnerability and threat management programs, including network, firewall, endpoint, identity, and application security, and ensure timely remediation of findings.
Lead and coordinate cybersecurity incident response activities, including tabletop exercises, investigations, and coordination with internal teams and external partners.
Maintain and govern information security policies, standards, and procedures, ensuring regular review and alignment with regulatory and sponsor requirements.
Prepare and present cybersecurity risk, posture, and readiness reports to executive leadership, audit committees, and external stakeholders.
Coordinate and support cybersecurity audits, sponsor reviews, and compliance assessments (e.g., CMMC, DFARS, FAR, NIST).
Collaborate with Data Governance, Legal, I&E, HR, and Sponsored Programs to ensure alignment between cybersecurity, privacy, and regulatory obligations.
Assist in cybersecurity budget planning, cost justification, and procurement of security tools and services.
Support the design and operation of secure research environments, including cloud-based enclaves and segmented networks supporting CUI/FCI and regulated research.
Provide leadership, direction, and prioritization across multiple concurrent security initiatives and operational demands.

LEADERSHIP PROFILE

Acts with integrity and sound judgment - Handles sensitive and confidential matters with discretion and professionalism.
Leads through influence and service - Builds trust, bridges organizational boundaries, and aligns business and technical stakeholders.
Understands the business - Brings a pragmatic, risk-based approach to security that enables research and operations while protecting the organization and its assets.
Communicates effectively - Can translate cybersecurity risk and technical concepts to executives, business leaders, and both technical and non-technical staff.
Operates under pressure - Remains calm, decisive, and effective during incidents, audits, and high-stakes situations.
Thinks strategically and executes tactically - Balances long-term program maturity with day-to-day operational execution.
Drives outcomes - Brings strong project, financial, and resource management skills and can lead complex initiatives to completion.
Shapes decisions - Influences outcomes in complex or ambiguous environments using data, judgment, and collaboration.
Develops people - Invests in mentoring and coaching staff, builds skills and confidence in junior team members, and actively contributes to the organization's long-term cybersecurity capabilities.

Requirements:

EDUCATION & EXPERIENCE

Required:

Minimum of five (5) years of experience in information security, including at least three (3) years in a leadership or supervisory role.
Bachelor's degree in information security, information technology, business, or a related field, or equivalent combination of education, experience, and certifications.
Strong working knowledge of cybersecurity governance and frameworks, including:

NIST CSF
NIST SP 800-53, 800-171, 800-172
CMMC 2.0

Experience supporting regulated or research environments involving CUI/FCI, FAR, DFARS, export-controlled research, and/or NIH/DoD/DoW/DOE requirements.
Professional certification such as CISSP, CISM, CISA, or similar.

Additional Information:

Compensation for this position: The compensation for this role is between $112,835 -$144,491 . The pay will depend on a variety of factors that may include but are not limited to experience, education, training, certifications, and internal equity.

Application Instructions:

Applicants interested in applying MUST submit the following documents:

1. Resume/Cv
2. Cover Letter

After submitting your resume/CV, the subsequent pages enable you to upload your cover letter and additional documents.

To apply, please visit: https://rfsuny.interviewexchange.com/jobofferdetails.jsp;jsessionid=D0A11C44229F28D23E1468F23F062A49?JOBID=196995