The Center for Translational Data Science at the University of Chicago is a research center pioneering the discipline of translational data science to advance biology, medicine, and environmental research. We architect ecosystems of large-scale commons of research data, computing resources, applications, tools, and services for the broader research community to use data at scale to pursue scientific inquiry and accelerate discovery. These growing data commons offer petabytes of rich research data to scientists across the world.
The job uses best practices and knowledge of to develop and implement information security and identity management solutions. Guides teams to deploy new technologies and manage existing security infrastructure as well as respond to cyber security incidents. Anticipates risks to the organization and leads security penetration testing and security awareness outreach. This at-will position is wholly or partially funded by contractual grant funding which is renewed under provisions set by the grantor of the contract. Employment will be contingent upon the continued receipt of these grant funds and satisfactory job performance.
Development of diverse and impactful risk metrics.
Monitor and manage compliance of implemented enterprise information security controls.
Lead and conduct risk analysis, assessments, and security audits using internal solutions and third-party vendor partners.
Identify, implement, monitor, and lead enforcement of information security compliance, regulatory, and control frameworks.
Provide Information Security consulting and security awareness education.
Improve, monitor, and coordinate Third Party Vendor Risk Management activities.
Conduct research on information security best practices, solutions, strategies.
Develop, maintain, and lead enforcement of strong information security policy, procedures, standards, and position papers.
Develop, maintain, and lead enforcement of strong security governance of all Information Security strategy and operational process.
Plan and review annually the risks influencing the effectiveness of information security, privacy, and Information security risk management.
Represent Information Security and foster positive collaboration amongst CTDS peers, University departments, agency sponsors, and organizational partners.
Uses a deep understanding of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university-wide computing and networking systems.
Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
Guides communications with users to understand their security needs and supports the implementation of procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
Performs other related work as needed.
Minimum requirements include a college or university degree in related field.
Minimum requirements include knowledge and skills developed through 5-7 years of work experience in a related job discipline.
5-7 years business/technical/information security/risk compliance experience.
Experience in information security risk analysis, auditing, compliance, policies, and overall governance and communication.
Demonstrated success implementing and Information Security control frameworks and standards such as ITIL, CIS Top 20, Soc2, GDPR, NIST CSF / 800-53, FISMA, and FedRAMP.
Strong knowledge of audit and risk management methodologies, such as COBIT, NIST 800-37/800-30, FAIR.
Experience with GRC, IAM, and risk management tools and solutions.
Experience with information security tools and solutions.
CISA, CRISC, GIAC, CISM, or CISSP certifications.
Knowledge of hybrid IT systems, networking, and cloud environments (AWS, Google, etc.).
Ability to respond to changing priorities and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
Ability to weigh Center, partner, and agency needs against security and risk tolerance.
Ability to conceptualize a course of action and to organize for the successful completion of that action are critical, often under tight deadlines.
Ability to present information in a consistent and concise manner.
Strong written and verbal communication skills and ability to foster collaborative working relationships.
Cover Letter (preferred)
Internal Number: JR10394
About Biological Sciences Division - University of Chicago
The Biological Sciences Division (BSD) is the largest unit of the University. Established in 1930, the BSD is comprised of faculty from the clinical and basic sciences. In this unique academic community, a unified division delivers undergraduate, graduate, medical, and postgraduate education in the biological sciences together with outstanding patient care and world-renowned research. The BSD currently includes approximately 135 faculty in the 10 basic science departments, over 800 faculty in 13 clinical departments, and 2400 staff members. The BSD includes the Pritzker School of Medicine (PSOM), approximately 24 academic units, degree-granting committees, and research centers and institutes. The BSD is located on the University's main campus in Hyde Park, 20 minutes south of downtown Chicago.