Associate Director, Cybersecurity Information Technology

• Leadership of NYPL’s cybersecurity team and daily operations
• Technical architecture and administration of the cybersecurity ecosystem
• Relationships with business partners, vendors, and government entities
• Communication of cybersecurity posture to senior leadership
• Cybersecurity KPIs, OKRs, and roadmap planning

• Mentor cybersecurity staff and build organization-wide awareness
• Guide teams in understanding and balancing risk
• Partner with IT and business units to promote security-by-design

• The Library’s unique public-sector responsibilities and dynamics
• Evolving regulatory and community expectations
• How to right-size tools and processes for transparency, scale, and resilience

• Operational efficiency and incident response maturity
• Cross-functional collaboration and communication
• Public trust in NYPL’s cybersecurity leadership

• Directly review current network topology, configurations, and circuit health across 90+ sites
• Log into and inspect FortiManager, FortiAnalyzer, and FortiGate firewall policies
• Validate AWS networking setup including VPN tunnels, security groups, and routing tables
• Shadow the team during real-time incident response and review escalated network tickets
• Assess monitoring and alerting workflows (SolarWinds, Cacti, etc.) for gaps or noise

• Personally lead a review and cleanup of legacy switch/router configs and firewall rules
• Optimize alert thresholds and performance dashboards across network monitoring tools
• Audit AWS VPC structure and VPN connectivity for resiliency and best practices
• Introduce configuration or automation improvements based on early observations
• Report on baseline network health, ticket trends, and team responsiveness with recommendations

• Architect and implement targeted improvements (e.g., circuit upgrades, core switch refresh, AWS route tuning)
• Lead technical planning for capital projects, wiring closet rebuilds, and site expansions
• Serve as Tier-3 hands-on escalation for complex or recurring network incidents
• Validate network security controls (segmentation, NAC, remote access) across all layers
• Deliver measurable gains in uptime, response time, and documentation maturity

• Develop and enforce cybersecurity policies, procedures, and standards
• Lead threat detection, investigation, and response efforts across the organization
• Administer and optimize NYPL’s cybersecurity tools, including EDR, NDR, and phishing defense platforms
• Analyze security alerts and threat intel to drive real-time response and containment
• Conduct hands-on technical reviews of security events, response workflows, and emerging risks
• Coordinate audits, tabletop exercises, and maturity assessments
• Report on cybersecurity posture, risk trends, and incidents to senior leadership

• Build alignment with stakeholders to balance security and operations
• Liaise with NYC Cyber Command, Physical Security, and law enforcement
• Advance cybersecurity awareness across the organization
• Partner with IT and business leads to close security gaps
• Lead complex, cross-functional cybersecurity initiatives
• Maintain trust through clear, timely communication during incidents

Required Education, Experience & Skills

• Bachelors degree or combination of education and work experience

• 8+ years administering technology in widely distributed or decentralized organizations
• 5+ years in a cybersecurity leadership role with direct stakeholder engagement responsibilities
• 5+ years managing teams in complex, cross-functional environments
• Demonstrated experience operating in public sector, non-profit, or highly regulated settings
• Proven ability to lead and influence implementation of new cybersecurity policies and procedures across diverse teams
• Strong hands-on experience with vulnerability management, network security, and systems security
• Familiarity with building and scaling cybersecurity programs from both strategic and operational perspectives
• Deep knowledge of NIST, ISO, or similar cybersecurity frameworks and how to apply them in real-world business contexts
• Experience navigating regulatory compliance, public sector governance, and politically sensitive environments
• Track record of leading cross-functional initiatives with multiple stakeholders, including boards, government agencies, and community partners

• Exceptional written and verbal communication skills; able to tailor complex security topics for technical teams, business stakeholders, and executive leadership
• Strong critical thinking and problem-solving abilities, with a track record of delivering solutions under tight budget and resource constraints
• Deep understanding of risk management with pragmatic, business-aligned remediation strategies
• Demonstrated ability to influence without authority across complex organizational structures
• High emotional intelligence and the ability to navigate organizational dynamics and manage change
• Skilled at building consensus among diverse stakeholder groups with competing priorities
• Experience translating technical risk into business impact for non-technical audiences, including executives and board members
• Familiarity with public sector environments, including political and community considerations
• Broad hands-on expertise across core Information Security domains, including:
  • Incident Response
  • BCP/DR 
  • Endpoint protection (AV/MDR)
  • Security monitoring and SIEM
  • Log aggregation
  • WAF and firewall management
  • Patch and vulnerability management
  • Penetration testing and incident response coordination

• Direct management of a team with focus on developing both technical and soft skills. This position reports to the Senior Director, ITIO & Cybersecurity and coordinates executive communications through established IT leadership and communication channels.

More...

• Be Helpful to patrons and colleagues
• Be Resourceful in solving problems 
• Be Curious in all aspects of your work
• Be Welcoming and Inclusive

• Office setting with significant stakeholder interaction
• Hybrid 3-on / 2-off as workload permits

• Lift equipment up to 25 lbs

• Available on-call after hours and weekends
• Hybrid 3-on / 2-off as workload permits
• Travel to NYPL sites as needed
• Availability for stakeholder meetings and community events as required