We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Chief Information Security Officer at NORC at the University of Chicago. Location Information: Illinois, Chicago – 55 East Monroe Street, IL, Remote, Remote. JOB SUMMARY:. Join the leadership team at NORC at the University of Chicago as our Chief Information Security Officer (CISO) in the Information Technology department. As a nationally renowned non-partisan research institute that informs decision-makers around the world, we take information security seriously. . . Guide a highly successful and critical team to new heights of achievement and excellence with your proven leadership skills, vision, and extensive management experience in information security and compliance. . . The Information Security and Compliance team sits within the larger IT department and is responsible for protecting all NORC electronic assets, writing all company security policies, maintaining all NIST 800-53 compliance documentation, and educating the company on security awareness. . DEPARTMENT: Information Technology. NORC's Information Technology program provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.​ . RESPONSIBILITIES:. . Lead all aspects of information security, compliance, and privacy, including budgeting, operations, staff management and development, strategic partnerships, and business development . . Develop short- and long-term vision and strategies to support organizational information security and align them to NORC’s overall strategic goals . . Identify and report risks to the organization; develop comprehensive recommendations to manage risk in response to organizational security and privacy threats . . Maintain an efficient vulnerability management program that identifies system vulnerabilities, and prioritizes and reports them to the system owners; monitor vendor sites for emergency patches . . Guide client security teams on new requirements, threats, and progress on outstanding issues . . Cooperate with client and independent third-party auditing teams to provide compliance documentation and evidence to auditors . . Review information security in all contracts and data use agreements as a member of the Data Governance Board . . Track state and federal legislative, technological, and societal changes in data security and privacy; identify any changes that could have an adverse impact on the collection and protection of respondent data . . Liaise across all IT teams on effective designs, processes, and procedures to sufficiently protect NORC’s data and ensure it meets all legal and contractual requirements . . Lead all data loss prevention efforts across organizational systems and devices . . Organize business continuity testing and reporting across various IT teams; ensure systems are prepared to prevent an extended systems outage . . Manage organization-wide security awareness program . . Partner with research departments on new technology relating to the collection, processing, and storing of personally identifiable information . . Collaborate with system administrators, engineers, and developers to create or update application/system/site policies, procedures, and process guides . . Devise and regularly revisit policies and procedures regarding . incident response. , business continuity planning, data loss prevention, cloud security, and privacy . . Oversee organizational system security and compliance requirements. . . REQUIRED SKILLS:. . Bachelor Degree in a related field required, advanced degree preferred . . Minimum 10 years of applicable work experience in information security and IT infrastructure . . Extensive experience maintaining security in a highly regulated environment . . Significant knowledge of the NIST 800-53 security framework or equivalent framework . . Proven track record successfully leading a strategic team across all levels of the organization . . Exceptional analytic capabilities with competency in advanced problem-solving techniques . . Ability to identify organizational risks in a timely manner and prepare appropriate action to minimize risks . . Strong record of directing IT infrastructure and security teams and managing multiple projects with competing timelines and resource demands . . Expertise in security best practice, privacy regulations, and U.S. Government FISMA and Fedramp compliance . . Outstanding collaborative work style with an emphasis on effective communications . . Strategic thinker who can simultaneously direct multiple critical projects and strategic initiatives . . Familiarity with the technologies used in all aspects of data security, compliance, and privacy. . . SALARY AND BENEFITS:. The pay range for this position is $195,000 - $325,000. . . Open to remote work. . . This position is classified as regular. Regular staff are eligible for NORC’s comprehensive benefits program. Benefits include, but are not limited to: . . . . Generously subsidized health insurance, effective on the first day of employment . . . . Dental and vision insurance . . . . A defined contribution retirement program, along with a separate voluntary 403(b) retirement program . . . . Group life insurance, long-term and short-term disability insurance . . . . Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP). . . . . . NORC’s Approach to Equity and Transparency . . Pay and benefits transparency helps to reduce wage gaps. As part of our commitment to pay equity and . salary. transparency, NORC includes a salary range for each job opening along with information about eligible benefit offerings. At NORC, we take a comprehensive approach to setting salary ranges and reviewing raises and promotions, which is overseen by a formal Salary Review Committee (SRC). . WHAT WE DO:. NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.. WHO WE ARE:. For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we’re known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.. EEO STATEMENT: . NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics.. . #LI-DNI. . . .