Advancement Lead, Information Security

About The Position

Requirements

• Minimum requirements include a college or university degree in related field.
• Minimum requirements include knowledge and skills developed through 5-7 years of work experience in a related job discipline.

Nice To Haves

• Major in technology, computer systems, computer science or similar major.
• Minimum five years of professional experience in nonprofit management, development, alumni relations, marketing, public relations, sales or similar field.
• Minimum two years of professional work experience in information security with emphasis on application and data security, IAM, and SaaS governance in enterprise environments.
• Related security certification, such as Security+, CISA/CISM, and CCSP.
• Demonstrated skill and knowledge of, or ability to learn quickly, the internal workings of the University as well as the technology tools available to the UChicago Advancement.
• Proficient with Salesforce permissions/security.
• Proficient with data classification.
• Proficient in planning and executing security audits and risk analysis.
• Outstanding interpersonal and communications skills characterized by the ability to listen, speak, and write effectively.
• Manage confidential information with discretion and tact.
• Act with integrity, professionalism, and confidentiality.
• Prioritize multiple projects and independently follow through with detail.
• Critically think and troubleshot.
• Work collegially and collaboratively in a team setting.
• Self-motivated and take initiative.

Responsibilities

• Uses a deep understanding of IT security expertise to develop and implement security and compliance policies, guidelines, and safe practices for Advancement-wide technology systems, run access reviews, manage change controls, coordinate incident response, and deliver security reporting across platforms.
• Leads in-depth IT risk assessments and security design for UChicago Advancement; sets and governs data and platform security standards; integrates security into the vendor/SaaS lifecycle and change control.
• Designs job-based roles and permission models, establishes the access-review cadence, and sets standards for onboarding, role changes, and offboarding with HR and IAM.
• Leads incident readiness and response across Advancement systems, maintains runbooks, coordinates incidents with ITS Security, captures evidence, and drives remediation to closure.
• Leads the security analytics and reporting function, including metrics, data sources and quality standards, dashboards, and the annual audit plan.
• Leads security training and enablement, delivers role-based training and quick guides, and manages enrollment, completion tracking, and reporting.
• Maintains Advancement security documentation and records; supports security operations with Legal and HR in coordination with ITS Security.
• Seeks opportunities for professional development that will enhance job performance including attending webinars, seminars, building networks within the University and with colleagues at peer institutions.
• Uses a deep understanding of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university for university-wide computing and networking systems.
• Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
• Guides communications with users to understand their security needs and supports the implementation of procedures to accommodate them.
• Ensures that user community understands and adheres to necessary procedures to maintain security.
• Performs other related work as needed.

Benefits

• The University of Chicago offers a wide range of benefits programs and resources for eligible employees, including health, retirement, and paid time off. Information about the benefit offerings can be found in the Benefits Guidebook .