Associate Director, Application Risk and Compliance

Job not on LinkedIn

🕒 April 10

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

New York University Tisch School of the Arts

WebsiteLinkedInAll Job Openings

501 - 1000 employees

📚 Education

📱 Media

Education • Media • Arts

New York University Tisch School of the Arts is a renowned institution dedicated to the education and development of artists in various creative disciplines. It offers undergraduate and graduate programs in fields such as film, television, performing arts, and interactive media. Tisch provides a dynamic and supportive environment for students to cultivate their artistic skills, engage in innovative research, and explore new mediums while drawing inspiration from the vibrant arts culture in New York City and beyond.

📋 Description

• Provide strategic oversight and define the validation and risk management frameworks required to ensure the security, data privacy, and integrity of the NYU enterprise application ecosystem in alignment with best practices and NYU’s Global Information Security Program. • Act as a primary partner to Institutional Solutions Group (ISG) application portfolio leads, ensuring that application ecosystems, controls, and processes are aligned with University policies, standards, and procedures. • Operationalize and oversee the implementation of application security and data privacy controls, identifying and assessing potential security and privacy risks across diverse technology stacks to ensure an integrated approach to risk management. • Develop and implement standardized playbooks, templates, and tools to improve application security and data privacy effectiveness. • Validate that required controls are effectively in place across all ISG application portfolios. • Aggregate risk data and provide comprehensive compliance reports and dashboards to executive leadership.

🎯 Requirements

• Required Education: Bachelor's Degree in Computer Science, Business, or related major • Required Experience: 5+ years of progressive experience in information security, IT risk management, or IT compliance. • Direct experience with secure software development lifecycles (S-SDLC), application security frameworks, and technical vulnerability management (e.g., OWASP Top 10). • Proven history of conducting IT risk assessments, developing risk mitigation strategies, and overseeing compliance against institutional or federal standards. • Experience operationalizing data protection standards and interpreting privacy regulations such as GDPR, HIPAA, or FERPA in a technical environment. • Required Skills, Knowledge and Abilities: Deep understanding of applications security risks (OWASP Top 10), secure software development lifecycles, secure application integration standards, and common vulnerabilities across modern (cloud-native, AI-integrated) and legacy application stacks. • Proficiency in modern identity and access management standards. • Experience establishing automated 'Joiner-Mover-Leaver' workflows and centralized access review processes. • Strong ability to interpret federal and state regulations (e.g., FERPA, HIPAA, GDPR) and translate them into actionable technical controls for application developers. • Demonstrated ability to act as a consultative partner to technical leads while effectively presenting risk-based data and dashboards to non-technical executive leadership.

🏖️ Benefits

• NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040.