Under supervision, implement and operate security controls to minimize risk to physical and logical assets of the Biological Sciences Division (BSD) at the University of Chicago and continue to improve efficiencies for the management of all the BSD Information Security program elements in a consistent manner to ensure the confidentiality and integrity of BSD sensitive information. The Risk Management Security Administrator identifies and evaluates risks to the organization, develops policies and procedures to lower identified risk.
Perform risk assessments on mission critical information systems or business processes.
Identify and document information security vulnerabilities and risks.
Develop remediation plans to address identified risks and vulnerabilities.
Facilitate risk management governance meetings to gain organizational approval of remediation plans.
Track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting.
Develop security policies, standards, procedures, checklists, and guidelines tailored to meet the requirements of the organization.
Analyze and understand threat intelligence information and how it might impact the organization.
Ability to respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
Ability to weigh business needs against security concern
Ability to conceptualize a course of action and to organize for the successful completion of that action critical, often under tight deadlines.
Ability to present information in a consistent and concise manner.
Ability to communication in a personally effective and socially appropriate manner.
Bachelor of Science in a related field such as Computer Science, Information Science and Security OR four (4) years of substantial related professional experience
Certified Information Systems Auditor (CISA), Certified Information System Security Professional (CISSP) or CompTIA Advanced Security Practitioner (CASP) preferred
Basic knowledge of cyber security with one or more of the following security frameworks, FISMA, HIPAA, NIST
Basic knowledge of quantifying and qualifying security risks
Basic knowledge in Information Technology with a focus on cyber security
Basic knowledge of Governance Risk and Compliance technology
Basic knowledge of one or more of the following technologies: Qualys, Rapid7, Nessus
Direct experience providing customer service
The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, genetic information, or other protected classes under the law. For additional information please see the University's Notice of Nondiscrimination.
Staff Job seekers in need of a reasonable accommodation to complete the application process should call 773-702-5800 or submit a request via the Applicant Inquiry Form.
The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information. The Report can be accessed online at: securityreport.uchicago.edu. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL 60637.
Internal Number: JR00520
About University of Chicago
One of the world's premier academic and research institutions, the University of Chicago has driven new ways of thinking since our 1890 founding. Today, UChicago is an intellectual destination that draws inspired scholars to our Hyde Park and international campuses, keeping UChicago at the nexus of ideas that challenge and change the world.