Discover Your Career at Emory University
Emory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the excellence of our academic community.
Description
Emory University is seeking a strategic and technically skilled Associate Director of Cyber Defense to lead its Cyber Defense Team. This role is responsible for overseeing cybersecurity detection engineering, managing threat intelligence and Emory's vulnerability management program, and coordinating incident response efforts across the institution. The Associate Director will play a critical role in protecting Emory's digital assets and ensuring operational resilience.
KEY RESPONSIBILITIES:
- Lead the Cyber Defense Team in all aspects of security incident management and response.
- Oversee the development and execution of threat intelligence and vulnerability management programs.
- Direct incident investigations and ensure timely and accurate documentation of findings.
- Coordinate with law enforcement and external incident response vendors as needed.
- Provide expert guidance on procedural aspects of incident response and forensic analysis.
- Regularly update the CISO and other leadership groups on incident status and risk assessments.
- Conduct investigations of containment of compromised systems and assess potential data exposure.
- Support the implementation, integration, and enhancement of security monitoring tools and methodologies, including EDR, SIEM, IDS/IPS, SOAR, etc.
- Represent the Cyber Defense function in cross-functional initiatives and governance forums.
- Manage relationships with third-party MSSPs.
- Develop and maintain operational metrics to measure the effectiveness of incident response activities and vulnerability remediation efforts.
- Continuously mature and evolve the cyber defense program, identifying opportunities for improvement in processes, tools, and team capabilities.
- Lead regular simulations and tabletop exercises to test incident response readiness, improve coordination, and ensure alignment with Emory's risk management objectives.
- Technical design, implementation, maintenance, and strategic thought-leadership responsibilities for multiple information security disciplines such as security policy, awareness and education, risk management, incident response, vulnerability management, intrusion detection and prevention, regulatory compliance, and security operations.
- Drafts and reviews information security policies, processes, and procedures.
- Prepares information security awareness and education materials and other documentation.
- Determines and documents information security requirements and controls necessary for the protection of information resources.
- Implements and administers plans, processes, and procedures necessary to ensure compliance.
- Supervises other information security professionals and acts as a senior consultant to internal and external stakeholders or auditors, as well as senior management.
- Provides guidance and assistance regarding information security matters, such as the interpretation of information security policies and requirements or their applicability to particular situations.
- Oversees information security incident response activities, risk assessment and risk management activities, and vulnerability assessment and vulnerability management activities spanning multiple business units.
- Manages detailed network, operating system, database, and application vulnerability assessments and security configuration audits.
- Manages information security projects and initiatives.
- Oversees operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, virus prevention and remediation, encryption, network segmentation, remote access, and authentication.
- Supports, maintains, monitors, troubleshoots, and enhances security infrastructure, tools, methodologies, software, and hardware.
- Independently develops automated tools and methodologies in support of Information Security functions.
- Analyzes data from Information Security functions and provides reports and recommended response actions to Information Security management.
- Represents Information Security to other organizations on information security related matters as assigned.
- Publishes regular status reports and submits to management.
- Performs related responsibilities as required.
MINIMUM QUALIFICATIONS:
- A bachelor's degree and seven years of related IT experience, including demonstrated technical expertise in multiple information security domains, project management skills, and lead or supervisory experience, OR an equivalent combination of education, training, and experience.
- Excellent project management and team participation skills.
- Good written and verbal communication skills.
- Strongly preferred qualifications include: knowledge of information security technologies, methodologies, and practices in security policy, standards, and best practices; security awareness; security incident response; risk assessment and management; vulnerability assessment and management; intrusion detection and prevention; system administration (Windows, OS X, Linux, Solaris, etc.); auditing and security administration of network, operating system, database, and application security; access control; encryption; firewalls and proxies; networking; security event log analysis; virus prevention and remediation; and programming/scripting.
- Security certifications are a plus (e.g., SANS/GIAC, CISSP, CISA, CISM).
PREFERRED QUALIFICATIONS:
- GCIH: GIAC Certified Incident Handler
- GCFA: GIAC Certified Forensic Analyst
- GCIA: GIAC Certified Intrusion Analyst
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager
- CEH: Certified Ethical Hacker
- CHFI: Computer Hacking Forensic Investigator
- CompTIA CySA+: CompTIA Cybersecurity Analyst
- CompTIA CASP+: CompTIA Advanced Security Practitioner
NOTE: Tasks related to this position can be performed remotely with only occasional visits to an Emory University location. Eastern (EST) time zone business hours may apply. Emory reserves the right to change this status with notice to employee. Emory does not approve as a primary work location the following states: NJ, AK, and HI; any U.S. territories; or outside of the United States.
Additional Details
Emory is an equal opportunity employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or other characteristics protected by state or federal law. Emory University does not discriminate in admissions, educational programs, or employment, including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training. Students, faculty, and staff are assured of participation in university programs and in the use of facilities without such discrimination. Emory University complies with Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans Readjustment Assistance Act, and applicable executive orders, federal and state regulations regarding nondiscrimination, equal opportunity, and affirmative action (for protected veterans and individuals with disabilities). Inquiries regarding this policy should be directed to the Emory University Department of Equity and Civil Rights Compliance, 201 Dowman Drive, Administration Building, Atlanta, GA 30322. Telephone: (V) (TDD).
Emory University is committed to ensuring equal access and providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to seek a reasonable accommodation, please contact the Department of Accessibility Services at or call (Voice) (TDD). We kindly ask that requests be made at least seven business days in advance to allow adequate time for coordination.
Required Experience:
Director