Position Purpose
The Director of Security Assurance leads Dartmouth’s cybersecurity governance, risk, and compliance functions within the Office of Information Security. The role establishes and maintains the institutional security policy framework, enterprise risk management program, third party risk oversight, awareness initiatives, and audit support processes, translating complex regulatory and research security requirements into actionable institutional standards.
Operating in a decentralized academic environment with shared governance, the Director advises the CISO and senior leadership on institutional cyber risk posture, ensures compliance with applicable federal and state requirements, and partners across academic and administrative units to embed security and risk management practices that support Dartmouth’s teaching, research, and clinical missions.
Required Qualifications - Education and Yrs Exp
Bachelors plus 6 or more years' experience or combination of education and experience
Required Qualifications - Skills, Knowledge and Abilities
- Demonstrated commitment to a collaborative, mission driven environment, with a track record of building cross functional trust and enabling teaching, research, and clinical operations through effective security practices.
- Minimum of 10 years of progressive professional experience in cybersecurity, including at least 5 years in governance, risk, and compliance leadership roles.
- Demonstrated experience designing, implementing, and maturing cybersecurity governance, risk, and compliance programs.
- Ability to conduct risk assessments, develop enforceable policies and standards, configure and optimize GRC platforms, and perform compliance gap analyses.
- Direct experience with at least two of the following regulatory or compliance frameworks: NIST SP 800-171, CMMC, HIPAA, FERPA, GLBA Safeguards Rule, PCI DSS, or ITAR and EAR.
- Demonstrated application of established security frameworks, such as NIST CSF, NIST RMF, CIS Controls, or ISO 27001, to structure and advance enterprise security programs.
- One or more current industry certifications, such as CISSP, CISM, CRISC, CGRC, or CISA, or equivalent credentials.
- Proven ability to communicate complex security and risk concepts effectively to executive leadership, faculty governance bodies, and technical stakeholders.
- Experience leading, hiring, mentoring, and developing cybersecurity or GRC professionals.
Preferred Qualifications
- Master’s degree in cybersecurity, information security, risk management, or a related field preferred.
- Experience in an R1 or R2 research university, academic medical center, or complex multi entity higher education environment.
- Experience supporting or managing controlled unclassified information environments, including Department of Defense funded research subject to NIST SP 800-171 or CMMC requirements.
- Experience operating effectively in decentralized organizations where influence, relationship building, and consensus development are critical to success.
- Experience assessing and governing security and privacy risks associated with artificial intelligence and machine learning systems, including generative AI adoption, data exposure risks, and institutional AI governance frameworks.
Department Contact for Recruitment Inquiries
Kyle Hastbacka
Department Contact Phone Number
Department Contact for Cover Letter and Title
Tom Nudd, Chief Information Security Officer
Department Contact's Phone Number
Equal Opportunity Employer
Dartmouth College is an equal opportunity employer under federal law. We prohibit discrimination on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity or expression, disability, veteran status, marital status, or any other legally protected status. Applications are welcome from all.
Background Check
Employment in this position is contingent upon consent to and successful completion of a pre-employment background check, which may include a criminal background check, reference checks, verification of work history, conduct review, and verification of any required academic credentials, licenses, and/or certifications, with results acceptable to Dartmouth College. A criminal conviction will not automatically disqualify an applicant from employment. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law.
Is driving a vehicle (e.g. Dartmouth vehicle or off road vehicle, rental car, personal car) an essential function of this job?
Not an essential function
Special Instructions to Applicants
Dartmouth College has a Tobacco-Free Policy. Smoking and the use of tobacco-based products (including smokeless tobacco) are prohibited in all facilities, grounds, vehicles or other areas owned, operated or occupied by Dartmouth College with no exceptions. For details, please see our policy. https://policies.dartmouth.edu/policy/tobacco-free-policy