Information Security Architect

Department

F&A ITS - Information Security

About the Department

ITS collaborates with campus partners to support the mission of the University of Chicago through the consistent delivery of high-quality solutions and services.   We provide secure, stable, and reliable infrastructure and applications to support the mission of the University.   We support and enable faculty research and teaching with the effective use of technology.   We simplify the technology experience for faculty, students, alumni, and staff, and we ensure technology is mobile-friendly and accessible.   We identify, manage, and mitigate the technology risks of the University.

Job Summary

The University of Chicago Information Technology Services is seeking an Information Security Architect to join our Information Security team. The Information Security Architect oversees enterprise security architecture and information security governance; assesses risk, compliance, and control effectiveness; collaborates with stakeholders across the institution to provide technology solutions and promote security awareness; and oversees the security monitoring infrastructure. This role requires expert technical knowledge, strong collaboration and leadership skills, and a deep understanding of the University's technology, culture, and academic mission. This position reports directly to the Director of Information Security, and works alongside the Security Operations and Engineering, Information Assurance, and Identity and Access Management teams.

Responsibilities

• Designs and oversees the University's enterprise security architecture, ensuring alignment with research requirements, administrative operations, and educational technology needs.
• Develops and maintains security policies, standards, procedures, and guidelines that provide robust protection, ensure compliance with industry best practices and regulatory requirements, and meet the unique needs of an academic environment.
• Leads cross-functional teams to conduct in-depth information technology risk and compliance assessments for major IT initiatives.
• Monitors and assesses the effectiveness of existing security architecture, governance, and operations.
• Reviews and approves security designs for new projects and system changes.
• Provides strategic leadership and expert guidance on security trends, technologies, and services.
• Collaborates with stakeholders including researchers, administrative staff, and IT teams to understand requirements and provide solutions with appropriate security controls.
• Collaborates with higher education peers in identifying and sharing best practice solutions.
• Promotes information security awareness across the institution.
• Designs and oversees the information security and compliance monitoring infrastructure.
• Provides technical leadership for all phases of the incident response lifecycle.
• Monitors threat intelligence and emerging security trends to ensure the University's security posture remains robust and adaptive.
• Uses depth and breadth of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university-wide computing and networking systems.
• Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
• Solves complex problems relating to user security needs and supports the implementation of procedures to accommodate them. Ensures that the user community understands and adheres to necessary procedures to maintain security.
• Performs other related work as needed.

Minimum Qualifications

Education:

Minimum requirements include a college or university degree in related field.

Work Experience:

Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.

Certifications:

Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium, SANS GIAC Certification - Global Information Assurance Certification

• --

Preferred Qualifications

Education:

• Bachelor's degree in computer science, cybersecurity, information technology, or a relevant field.

Experience:

• Three or more years of experience as an architect in information technology.

Certifications:

• Certification demonstrating broad security industry knowledge, such as CISSP or GSEC.
• Certification demonstrating expertise in a specific technology domain, such as security architecture or cloud computing.

Technical Skills or Knowledge:

• Expertise in common security frameworks and compliance standards, including NIST CSF, NIST 800-53, NIST 800-171, HIPAA, FedRAMP, and CMMC.
• Expertise in fundamental network and communication technologies including TCP/IP, HTTP, TLS, x.509, and DMARC.
• Analyze information provided by common security tools used to monitor networks, endpoints, cloud platforms, email security, and vulnerabilities.
• Create network diagrams, threat models, data flow diagrams, and related artifacts used for risk assessment and threat analysis.
• Understanding of the Secure Software Development Lifecycle.
• Understanding of native tools provided by AWS, Azure, and GCP for monitoring, management, and compliance.
• Understanding of common threat actor tools, techniques, and procedures.
• Understanding of all phases of security incident response.

Preferred Competencies

• Diagnose complex technical problems.
• Work collaboratively and independently.
• Lead cross-functional teams.
• Handle multiple tasks and substantial deadline pressure.

Working Conditions

• Office environment.
• Sit for 4 hours or more.
• Use computers extensively for 4 hours or more.
• Handle work outside of normal business hours on a scheduled or emergency basis.
• Occasional travel for training, conferences, or special events.

Application Documents

• Resume/CV (required)
• Cover Letter (required)

When applying, the document(s) MUST be uploaded via the My Experience page, in the section titled Application Documents of the application.

Job Family

Information Technology

Role Impact

Individual Contributor

Scheduled Weekly Hours

37.5

Drug Test Required

No

Health Screen Required

No

Motor Vehicle Record Inquiry Required

No

Pay Rate Type

Salary

FLSA Status

Exempt

Pay Range

$123,250.00 - $145,000.00

The included pay rate or range represents the University's good faith estimate of the possible compensation offer for this role at the time of posting.

Benefits Eligible

Yes

The University of Chicago offers a wide range of benefits programs and resources for eligible employees, including health, retirement, and paid time off. Information about the benefit offerings can be found in the Benefits Guidebook.

Posting Statement

The University of Chicago is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender, gender identity, or expression, national or ethnic origin, shared ancestry, age, status as an individual with a disability, military or veteran status, genetic information, or other protected classes under the law. For additional information please see the University's Notice of Nondiscrimination.

Job seekers in need of a reasonable accommodation to complete the application process should call 773-702-5800 or submit a request via Applicant Inquiry Form.

All offers of employment are contingent upon a background check that includes a review of conviction history. A conviction does not automatically preclude University employment. Rather, the University considers conviction information on a case-by-case basis and assesses the nature of the offense, the circumstances surrounding it, the proximity in time of the conviction, and its relevance to the position.

The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information. The Report can be accessed online at: http://securityreport.uchicago.edu. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL 60637.