Director, Cybersecurity

Primary Work Address: 4000 Jones Bridge Road, Chevy Chase, MD, 20815 Current HHMI Employees, click here to apply via your Workday account. HHMI is focused on supporting and moving science forward in a variety of different ways ranging from conducting basic biomedical research, empowering educators, inspiring students, developing the next generation of scientists – even stretching into film and media production. Our Headquarters is in the greater Washington, DC metro area and is home to over 300 employees with expertise in investments, communications, digital production, biomedical sciences, and everything in between. The work housed here supports and augments the groundbreaking research conducted in HHMI labs across the nation. As HHMI scientists continue to push boundaries in laboratories and classrooms, you can be sure that your contributions while working here are making a difference.

Summary

Howard Hughes Medical Institute (HHMI) advances scientific discovery and education in the life sciences. The Technology & Systems Management (TSM) team supports that mission by delivering secure, resilient, and forward-looking technology solutions across the Institute. We are seeking a Director, Cybersecurity to lead HHMI’s enterprise information security program and strengthen the Institute’s overall security posture in an evolving threat landscape. The Director, Cybersecurity serves as the Institute’s senior cybersecurity leader and trusted advisor to the CTO and executive leadership on risk posture and emerging threats. This role is responsible for ensuring the confidentiality, integrity, and availability of digital assets across enterprise systems, infrastructure, and applications. The Director leads internal cybersecurity and identity and access management (IAM) teams, partners with an external SOC/MSSP for continuous monitoring and response, and collaborates across TSM and Institute leadership to embed security into technology strategy and operations. This role also works closely with Risk and Compliance and the Office of General Counsel to align cybersecurity governance with regulatory requirements and the protection of sensitive research and regulated data. This position reports to the Chief Technology Officer and is based at HHMI’s headquarters in Chevy Chase, Maryland. It follows a hybrid schedule with three in-office days per week and will have occasional travel to our Janelia Research Campus in Ashburn, VA. What You’ll Get: Mission-Focused Work: The opportunity to safeguard world-class scientific research by leading security efforts in a research-intensive, innovation-driven environment Strategic Partnership in Cutting-Edge Work: Working directly with senior leadership to shape enterprise-wide strategy and influence AI governance and emerging technology security. Competitive Total Rewards Package: Comprehensive healthcare, generous retirement contributions, paid leave, and additional programs that support well-being and professional development.    What You’ll Do: Develop, implement, and continuously evolve a comprehensive cybersecurity strategy aligned with organizational priorities and risk appetite. Serve as senior advisor to executive leadership on cybersecurity risk, posture, and emerging threats. In coordination with the EverydayAI team, lead development of governance frameworks and security practices for emerging technologies, including artificial intelligence and machine learning systems. Lead and develop cybersecurity and IAM teams across two locations, setting priorities, guiding technical direction, and fostering professional growth. Oversee enterprise security operations, including monitoring, vulnerability management, threat intelligence, and incident response. Direct and optimize relationships with external SOC and managed security partners to ensure effective 24/7 coverage. Partner with Risk and Compliance, the Office of General Counsel and other stakeholders to develop and enforce security policies, standards, and procedures; lead internal assessments and coordinate external audits. Establish and communicate security metrics to senior leadership that reflect performance, maturity, and risk reduction. Embed security principles into infrastructure, applications, and business systems design, including secure architecture, network segmentation, and identity and access management best practices. Provide strategic guidance and leadership for a team responsible for internal security/access assessments, coordinating external audits, and supporting regulatory and compliance initiatives across financial systems and other technology areas. Lead enterprise incident response and recovery efforts, and develop and test disaster recovery and business continuity plans from a security perspective. Oversee cybersecurity budgeting, including operational expenses, service agreements, equipment, and special projects. What You Bring: Education & Certifications Bachelor’s degree CISSP, CISM, CISA, or equivalent advanced security certification Experience 12+ years of progressive experience in information security 5+ years of leadership experience managing teams and vendors Knowledge of emerging technologies, including Artificial Intelligence Skills & Expertise Deep understanding of cybersecurity frameworks (NIST, CIS Controls) and risk management methodologies Experience with SOC operations, IAM platforms, cloud security, and endpoint protection technologies Strong understanding of identity governance, privileged access management, and authentication technologies Experience developing security governance frameworks for AI/ML systems and third-party AI tools Proven ability to build high-performing teams and foster a culture of accountability, transparency, and continuous improvement Excellent communication skills with the ability to translate technical risks into business context Demonstrated problem-solving ability with strong communication, interpersonal, and organizational skills, and a high level of initiative. Physical

Requirements

Remaining in a normal seated or standing position for extended periods of time; reaching and grasping by extending hand(s) or arm(s); dexterity to manipulate objects with fingers, for example using a keyboard; communication skills using the spoken word; ability to see and hear within normal parameters; ability to move about workspace. The position requires mobility, including the ability to move materials weighing up to several pounds (such as a laptop computer or tablet). Persons with disabilities may be able to perform the essential duties of this position with reasonable accommodation. Requests for reasonable accommodation will be evaluated on an individual basis. Please Note: This job description sets forth the job’s principal duties, responsibilities, and requirements; it should not be construed as an exhaustive statement, however. Unless they begin with the word “may,” the Essential Duties and Responsibilities described above are “essential functions” of the job, as defined by the Americans with Disabilities Act. #LI-EG1 Compensation and Benefits Our employees are compensated from a total rewards perspective in many ways for their contributions to our mission, including competitive pay, exceptional health benefits, retirement plans, time off, and a range of recognition and wellness programs. Visit our Benefits at HHMI site to learn more. Compensation Range $213,319.20 (minimum) - $266,649.00 (midpoint) - $346,643.70 (maximum) Pay Type: Annual HHMI’s salary structure is developed based on relevant job market data. HHMI considers a candidate's education, previous experiences, knowledge, skills and abilities, as well as internal consistency when making job offers. Typically, a new hire for this position in this location is compensated between the minimum and the midpoint of the salary range. HHMI is an Equal Opportunity Employer We use E-Verify to confirm the identity and employment eligibility of all new hires. Howard Hughes Medical Institute (HHMI) is an independent, ever-evolving philanthropy that supports basic biomedical scientists and educators with the potential for transformative impact. We make long-term investments in people, not just projects, because we believe in the power of individuals to make breakthroughs over time. Why HHMI To move science forward we need a diverse collection of talents, expertise, and backgrounds in scientific research and science education, as well as communications, finance, human resources, information technology, investments, law, and operations. At HHMI, we encourage collaborative and results-driven working styles and offer an adaptable environment where employees can do their best work. What makes us strong is the diversity of our perspectives. We work to promote a culture of inclusion in our work environments and across the greater scientific community. To find more information about us and the steps we're taking to make HHMI a more inclusive organization, visit our About Us page. Your best option for consideration in our career opportunities is to apply directly via our HHMI Careers site. There, you will learn more about HHMI and can find information about our available roles. Contact us at [email protected] if you require an accommodation related to completing the job application. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Applicants have rights under federal employment laws. For more information about your rights as an applicant, please review these posters: Family and Medical Leave Act (FMLA), Know Your Rights, and Employee Polygraph Protection Act (EPPA).

For more details click Apply Now.