Position Details
Job Title: Director & Chief Information Security Officer
Position Number:
Location: Rogers Park-Lake Shore Campus, Department: Technology Services, Location Code: Information Security and Compliance
Work Modality: Hybrid - 4 In-Person
Job Type: Full-Time - Exempt (FLSA)
Position Overview
The Director & Chief Information Security Officer (CISO) will oversee the development, implementation, and use of information security and cybersecurity resources and practices throughout the organization. This role guides the university’s strategic IT initiatives to enhance productivity, efficiency, and security.
General Responsibilities
- Strategic Oversight: Develop and implement an IT strategy aligned with the organization’s business goals and objectives, ensuring efficient and secure operation of all IT systems and processes.
- Leadership and Management: Lead and manage the IT department and/or unit, including hiring, training, and developing IT staff. Foster a culture of innovation, collaboration, and continuous improvement.
- Innovation and Emerging Technologies: Stay current with industry trends and emerging technologies, evaluate their potential impact on the organization, and recommend strategic investments.
- Budgeting and Cost Control: Develop and manage the UISO’s budget, ensuring cost-effective use of resources and adherence to financial goals.
- Compliance and Risk Management: Ensure the organization’s IT systems comply with relevant regulations and standards, managing risks associated with technology use.
- Relationship Management: Establish and maintain relationships with IT vendors and service providers, negotiating contracts and ensuring the delivery of quality services.
Position Specific Responsibilities
- Provide strategic and operational leadership of all functions for the University Information Security Office (UISO).
- Demonstrate a commitment to Loyola’s mission and strategy by supporting the ITS core values of service excellence for university strategic initiatives and continuous development/improvement.
- Develop and implement plans to ensure institutional compliance with applicable laws, regulations and requirements related to information security.
- Create and manage the university’s information security program and establish relevant security metrics.
- Act as an independent reviewer to ensure that technology compliance issues and concerns within Loyola University Chicago are appropriately evaluated, investigated and resolved.
- Coordinate the creation, testing and execution of business continuity and disaster recovery plans across the Loyola University Chicago departments and schools.
- Communicate regularly in writing and in person to end users and resource contributors about the state of information security, security expectations and ongoing information risk status.
- Identify staff development/training plans, as well as succession planning, for the UISO staff.
- Participate in relevant professional activities, including involvement in university-wide and external professional organizations.
- Perform other duties as required.
Minimum Education and/or Work Experience
- Master’s degree in Management Information Systems, Computer Science or Engineering or equivalent experience.
- At least 10 years of experience in information security and/or network/security management.
- At least 7 years of experience in managing information security, technology risk or compliance personnel.
- Proven experience with technology risk assessment and regulatory compliance, such as FERPA, GLBA, HIPAA, PCI DSS, DMCA, GDPR, Illinois Personal Information Protection Act, and similar regulations.
- Familiarity with security concepts such as defense-in-depth, the principle of least privilege, access controls, risk management, and mitigating controls is required.
- Demonstrated skills related to business continuity and disaster recovery planning.
- Experience in Higher Education is a plus, but not required.
- Experience with IT frameworks such as NIST or the ISO 27000 series is a plus, but not required.
Qualifications
- Language Ability: Excellent communication (oral, written, presentation), interpersonal and consultative skills to work effectively with vendors, clients, peers, and ITS management and staff.
- Core Consulting Skills: Business writing, presenting, and analytic comparisons.
- Technical Communication: Ability to communicate technical concepts and solutions to both technical and non-technical audiences.
- Computation Ability: Strong analytical and problem-solving skills.
- Reasoning Ability: Detail oriented, results focused, supports change management initiatives. Generates creative solutions, identifies and resolves problems in a timely manner, gathers and analyzes information skillfully, and develops alternative solutions.
- Interpersonal: Strong work ethic, ability to work independently and in team settings. Maintains confidentiality and follows university data security policies. Demonstrates commitment to diversity and ethical conduct.
- Organizational Skills: Supports organization’s goals and values, develops strategies, adapts to changing conditions, includes appropriate people in decision-making, and has strong administrative ability.
- Certificates/Credentials/Licenses: CISSP or CISM certification required. GIAC certifications are a plus.
- Computer Skills: Competence in network and web application firewalls, intrusion prevention, security monitoring, multi-factor authentication, data loss prevention, data encryption/transfer, email and end-user security, log management, and security incident and event management technologies. Proficient in Microsoft applications.
Employment Terms
Salary Range: $160,000 to $180,000 per annum (dependent on experience and qualifications).
Open Date: 04/15/2026
Equal Opportunity Employer
Loyola adheres to all applicable federal, state, and/or local civil rights laws and regulations prohibiting discrimination in private institutions of higher education. Please see the University’s Nondiscrimination Policy.