Director, Information Security

Job Description:

Director, Information Security

Office of Information Technology

Brown University

The Director of Information Security in the Office of Information Technology (OIT) is a senior leadership role within Brown University’s Information Security Group (ISG). Reporting to the Chief Information Security Officer (CISO), the Director provides strategic and operational oversight for three critical pillars of the University’s cybersecurity program: Security Engineering, Security Operations, and Information Compliance & Risk.

The Director provides critical operational continuity in the CISO’s absence. This role is responsible for translating institutional vision into actionable plans, ensuring that Brown’s digital assets are protected through robust engineering, that security incidents are managed with precision, and that the University maintains a rigorous posture regarding IT risk and regulatory compliance.

Acting as a key liaison between technical practitioners, University leadership, and administrative departments (including the Office of General Counsel and Brown Risk, Audit, and Compliance teams), the Director fosters a culture of continuous improvement and proactive risk management.

This role has technical subject matter expertise and management duties. They may be alerted for unplanned escalation or backup support at any time. They are expected to respond to alerts as appropriate.

Occasional travel to the Providence, RI campus is required for on-site leadership meetings or incident management.

Qualifications:

Education and Experience

• Bachelor's Degree required.

• 10+ years of combined IT and IT security experience, with at least 3 years in a significant leadership role.

• Proven management experience providing strategic oversight and mentorship to multidisciplinary technical teams, ensuring alignment between departmental goals and high-performance execution.

• Experience with security operations, incident response, and security engineering.

• Knowledge of privacy regulations (e.g., GDPR, CCPA, FERPA, HIPAA) preferred.

• Industry certifications such as CISSP, CISM, CISA, or equivalent preferred.

• Experience with vulnerability management, and security architecture.

• Experience with cloud security (e.g. Azure, GCP, and AWS) preferred.

Job Competencies

• Strong leadership and team-building skills.

• Ability to manage multiple priorities in a dynamic environment.

• Excellent verbal and written communication skills.

• Strong analytical and problem-solving abilities.

• Knowledge of compliance frameworks and regulatory requirements (e.g. NIST 800-171 and PCI DSS).

• Ability to work effectively with diverse stakeholders across the institution

A criminal background check and education verification is required. In addition to completing a Criminal Justice Information Services (CJIS).

Benefits of Working at Brown:

Information on the Benefits of Working at Brown can be found here.

Recruiting Start Date:

Job Posting Title:

Department:

Grade:

Worker Type:

Worker Sub-Type:

Time Type:

Scheduled Weekly Hours:

Position Work Location:

Submission Guidelines:

Please note that in order to be considered an applicant for any staff position at Brown University you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.

This position is not eligible for visa sponsorship.

Still Have Questions?

If you have any questions you may contact [email protected].

Brown is an E-Verify Employer.

EEO Statement:

Brown University provides equal opportunity and prohibits discrimination, harassment and retaliation based upon a person’s race, color, religion, sex, age, national or ethnic origin, disability, veteran status, sexual orientation, gender identity, gender expression, or any other characteristic protected under applicable law, in the administration of its policies, programs, and activities. The University recognizes and rewards individuals on the basis of qualifications and performance. The University maintains certain affirmative action programs in compliance with applicable law.