Brandeis University is hiring for the position of Director, Information Security. The Director of Information Security is responsible for developing, implementing, and managing the universityâ™s information security program. This role ensures that institutional information assets, technology systems, and data are protected through policy, governance, risk management, technical controls, incident response, and security awareness. The Director leads cybersecurity personnel and collaborates with campus stakeholders to ensure adherence to regulatory and contractual requirements. The position works closely with academic and administrative leadership to balance security needs with the universityâ™s mission of research, teaching, and openness, and operates under the leadership of the Associate CIO to help define Brandeisâ™ institutional risk posture. 

Core Responsibilities:

• Function 1 â” Information Security Program Leadership, Governance, and Risk Management (35%) Develops, implements, and manages the universityâ™s information security program including policies, standards, governance, and risk management activities. Serves as the primary ITS liaison to General Counsel, Risk Management, Internal Audit, and Public Safety on matters related to information security, compliance, and incident coordination. Prepares materials and provides updates for the Board of Trustees Risk and Audit Committee in coordination with the Associate CIO or CIO. Works closely with Identity and Access Management on authentication and authorization standards, while IAM operations remain under a separate reporting structure.

• Function 2 â” Cybersecurity Operations, Threat Response, and Resilience (25%) Leads cybersecurity operations including threat monitoring, vulnerability management, and incident detection and response. Contributes security requirements and risk evaluations to business continuity and disaster recovery planning, including review of backup protection standards, cyber-resilience practices, and tabletop exercises. Coordinates with external partners such as law enforcement, government agencies, and incident-response organizations when required during major security events. Collaborates with Networking and Systems on infrastructure hardening standards, logging requirements, and review of changes with security impact.

• Function 3 â” Regulatory Compliance, Risk Management, and Vendor Security (15%) Ensures regulatory, contractual, and compliance obligations are met, including FERPA, GLBA, state privacy laws, federal research security mandates, and other applicable standards. Oversees third-party vendor security assessments for procurement, contracting, and SaaS adoption, ensuring appropriate risk evaluation and mitigation. Supports development of research security controls and compliance frameworks in partnership with the Office of Research Administration and relevant federal guidelines.

• Function 4 â” Campus Engagement, Security Advising, and Stakeholder Partnership (15%) Advises university leadership, faculty, researchers, and administrative units on security risks, emerging threats, and mitigation strategies that support secure teaching, research, and business operations. Builds strong partnerships with campus stakeholders to promote secure technology practices and integrate security considerations into institutional planning and decision-making.

• Function 5 â” Security Awareness, Community Education, and Outreach (10%) Develops and delivers campus-wide security awareness, training, and outreach programs tailored to faculty, researchers, students, and staff. Promotes a culture of shared responsibility for cybersecurity across the institution.

The hiring range for the position is $160k-$174.8k.

Job Requirements:

• Bachelor's degree required. Master's degree preferred.

• 8+ years of experience required with 3-5 years of supervisory experience

• Knowledge of information security principles, risk management, compliance requirements (for example FERPA, GLBA), and cybersecurity frameworks (such as NIST or CIS Controls). Strong communication and collaboration skills with the ability to work with technical and non-technical stakeholders

• Responsible for directing work, assigning priorities, and conducting performance reviews for cybersecurity staff.

• Requires the ability to drive. Requires the ability to lift 50 pounds.

• May provide input on hiring, corrective action, and other employment decisions. This position makes decisions related to cybersecurity risk, incident response, and the implementation of technical and administrative security controls. The role provides recommendations to senior leadership on emerging threats, compliance obligations, and risk mitigation strategies and coordinates with legal, audit, research, and IT units on security-related matters.

• The position requires discretion, sound judgment, and the ability to balance institutional mission needs with security and compliance requirements.

About Brandeis University

As a medium-sized private research university with global reach, we are dedicated to first-rate undergraduate education while making groundbreaking discoveries. Four major academic units with 3,600 undergraduates and 2,050 graduate students comprise the University: the College of Arts and Sciences, the Heller School for Social Policy and Management, the International Business School, and the Rabb School of Continuing Studies. In 1985, Brandeis was elected to membership in the prestigious Association of American Universities (AAU), which represents the 62 leading research universities in the United States and Canada. Brandeis has been ranked among the top 35 national universities by U.S. News & World Report every year since the rankings’ inception. Our 235-acre campus is located in the suburbs of Boston, a global hub for higher education and innovation. Our faculty are leaders in their fields, as passionate about teaching and mentorship as they are about pushing the boundaries of knowledge. Our students are motivated, compassionate, curious and open to exploring new and challenging experiences. Brandeis was founded in 1948 as a nonsectarian university under the sponsorship of th...e American Jewish community to embody its highest ethical and cultural values and to express its gratitude to the United States through the traditional Jewish commitment to education. By being a nonsectarian university that welcomes students, teachers and staff of every nationality, religion and orientation, Brandeis renews the American heritage of cultural diversity, equal access to opportunity and freedom of expression.

Show more

Show less

Connections working at Brandeis University