The Information Security Architect is responsible for the design, development and delivery of the University of Chicago Booth School of Business information security strategy and the on-going management of that strategy. The position includes designing the information security architecture, defining security policies, security training and awareness, performing risk assessments, managing risk mitigations, monitoring for security incidents, responding to information security incidents and performing security incident remediation.
Manage all aspects of information technology security ensuring that information assets are protected by best practices in information security.
Responsible for developing the information security strategy and the plan to achieve the goals of that strategy.
Develop information security policies and standards aligning with University policies and standards.
Create a process to monitor and report on adherence to those the policies.
Work with management to determine acceptable levels of risk.
Responsible for information security incident response planning and the coordination of all information security incident response for the Booth School of Business in conjunction with the University Information Security office.
Perform risk assessments to identify potential risks and create risk mitigation strategies and contingencies to address the risks.
Coordinate and conduct information security training for faculty and staff and promote security awareness across the organization.
Assess current applications and architecture to ensure alignment with industry information security best practices and approved security standards.
Coordinate security penetration tests and define remediation plans to eliminate security vulnerabilities.
Coordinate with Internal and External Audit on security assessments.
Evaluate new products and technologies for information security best practices and perform security threat and architecture reviews prior to purchasing new technology.
Stay abreast of emerging issues and threats as well as technology to counter those threats.
Collaborate with peers across the University to continually improve information security throughout the organization.
Maintain the disaster recovery plan and manage the semi-annual testing of that plan.
Education, Experience and Certifications:
Bachelor's degree in an information technology related discipline required.
Master's degree preferred.
Advanced coursework or training in information technology security also required.
Security certification and related training preferred.
Minimum of seven years of progressive technology security experience with advanced knowledge of security technologies and concepts required.
Prior experience developing information security policies and managing the process to meet the objectives of those policies is required.
Prior experience with security in on-premise, cloud and hybrid environments required.
Technical Knowledge or Skills:
Advanced understanding of web and network penetration tools and techniques is required.
Ability to develop and deliver security awareness training required.
Proven technical expertise in networking, server technologies, applications and operating systems is required.
Ability to analyze and solve problems is required.
Ability to measure risks and identify strategies to address those risks required.
Proven ability to influence stakeholders and decision makers is required.
Familiarity with security concepts and standards, such as OAuth, SAML, Shibboleth, PHI, PCI, DSS, PII, encryption, and tokenization required.
Ability to lead and motivate teams to achieve tactical and strategic goals is required.
Strong attention to detail and good interpersonal skills required.
Excellent oral and written communication skills required.
NOTE: When applying, all required documents MUST be uploaded under the Resume/CV section of the application.
The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, genetic information, or other protected classes under the law. For additional information please see the University's Notice of Nondiscrimination.
Staff Job seekers in need of a reasonable accommodation to complete the application process should call 773-702-5800 or submit a request via the Applicant Inquiry Form.
The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information. The Report can be accessed online at: securityreport.uchicago.edu. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL 60637.
Relocation expenses are negotiable.
Internal Number: JR03930
About University of Chicago
One of the world's premier academic and research institutions, the University of Chicago has driven new ways of thinking since our 1890 founding. Today, UChicago is an intellectual destination that draws inspired scholars to our Hyde Park and international campuses, keeping UChicago at the nexus of ideas that challenge and change the world.