Department

BSD ISO - Blue Team

Job Summary

With partnership and collaboration from leaders and stakeholders, implement and operate security controls to minimize risk to physical and logical assets of the Biological Sciences Division (BSD) at the University of Chicago and continue to improve efficiencies for the management of all the BSD Information Security program elements consistently to ensure the confidentiality and integrity of BSD sensitive information. The Cyber Defense Security Architect deploys security defense technology, manages existing security infrastructure, and responds to cybersecurity incidents with a proactive approach.

Responsibilities

• Automate Windows, Linux, and macOS patch management programs to ensure timely and effective mitigation.

• Monitor organizational assets and security defenses for cybersecurity risks, including proactive identification, assessment, and mitigation.

• Lead and champion business process analyses and recommends process and infrastructure improvements.

• Lead and manage the unit’s vulnerability management program, overseeing vulnerability assessment, remediation efforts, and ongoing improvement of security posture.

• Conduct scheduled and ad hoc security audits, run vulnerability scans, and ensure rigorous compliance with institutional security policies and regulatory requirements.

• Analyze log data, using a SIEM, performing traffic and data flow analysis to detect cyber-attacks and suspicious activities.

• Lead incident response operations, including recovering from security incidents using a standard workflow that limits damage, reduces recovery time, and minimizes cost.

• Deploy, configure, and manage security infrastructure (Ex, Lock Path, Rapid 7, Qradar, BigFix, and CrowdStrike).

• Lead and coordinate escalations and follow-ups to ensure timely and successful resolution of issues.

• Facilitate post-incident reviews and lessons learned for security incidents and root cause analysis for operational deficiencies with security infrastructure (e.g., system outages, etc.).

• Develop, maintain and enhance the incident response playbook, standard operating procedures, and documentation to ensure operational readiness and resilience across all security functions.

• Lead, foster, and facilitate cross-departmental and cross-enterprise collaboration to resolve complex challenges, ensuring timely and effective communication between stakeholders.

• Serve as a trusted advisor in proactively identifying opportunities to streamline operations and enhance efficiency through systems.

• Partner with unit and BSD leadership to lead and support transformational projects as needed.

• With a deep appreciation for the BSD mission, vision, values, and culture, provides excellent service to clients, enabling them to advance mission critical activities and focus on their core work and outcomes.

• Uses depth and breadth of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university-wide computing and networking systems.

• Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.

• Solves complex problems relating to user security needs and supports the implementation of procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.

• Performs other related work as needed.

Minimum Qualifications

Education:

Minimum requirements include a college or university degree in related field.

Work Experience:

Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.

Certifications:

Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium, SANS GIAC Certification - Global Information Assurance Certification

---

Preferred Qualifications

Education:

• Bachelor of Science in a related field such as Computer Science, Information Science, and Security is strongly preferred.

Experience:

• A minimum of four years of experience in Information Technology is strongly preferred.

• Advanced experience utilizing one or more of the following technologies: CrowdStrike, Qradar, Rapid7, BigFix, and JAMF.

• Advanced experience in handling incidents and responding to cyber threats.

​Preferred Competencies

• Ability to respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring extreme flexibility and responsiveness.

• Ability to weigh business needs against security concerns.

• Ability to conceptualize a course of action and to organize for the successful completion of that action is critical, often under tight deadlines.

• Ability to present information consistently and concisely.

• Ability to communicate in a personally effective and socially appropriate manner.

• Advanced knowledge in performing server and application administration.

• Advanced knowledge of data communication concepts and network/software configuration management.

• Advanced experience providing customer service.

• Ability to communicate in writing.

• Ability to communicate orally.

• Ability to condense complicated issues into simple summaries that can be understood by a variety of constituents.

• Ability to create and deliver presentations.

• Ability to develop and manage interpersonal relationships.

• Ability to exercise absolute discretion regarding confidential matters.

• Ability to follow written and/or verbal instructions.

• Ability to give directions.

• Ability to handle sensitive matters with tact and discretion.

• Ability to handle stressful situations.

• Ability to learn and develop skills.

• Ability to maintain a high level of alertness.

• Ability to pay attention to detail.

• Ability to perform multiple tasks simultaneously.

• Ability to prioritize work and meet deadlines.

• Ability to react effectively, quickly, calmly, and rationally during conflicts and emergencies.

• Ability to train or teach others.

• Ability to work effectively and collegially with little supervision or as a member of a team.

• Ability to work independently.

• Ability to work with frequent interruptions.

• Ability to work with people from diverse cultures and backgrounds.

• Active listening skills.

• Critical thinking skills.

• Decision-making skills.

• Editing and proofreading skills.

• Independent motivation.

• Interpersonal skills.

• Organizational skills.

• Planning skills.

• Problem-solving skills.

• Quantitative and analytical skills.

• Reasoning skills.

• Time management skills.

Working Conditions

• Office Environment.

Application Documents

• Resume (required)

• Cover Letter (preferred)

The University of Chicago uses AI-assisted tools to streamline and augment some recruitment processes; however, AI is not used to make hiring decisions.

When applying, the document(s) MUST be uploaded via the My Experience page, in the section titled Application Documents of the application.

Job Family

Information Technology

Role Impact

Individual Contributor

Scheduled Weekly Hours

40

Drug Test Required

No

Health Screen Required

No

Motor Vehicle Record Inquiry Required

No

Pay Rate Type

Salary

​
FLSA Status

Exempt

​
Pay Range

$130,000.00 - $170,000.00

The included pay rate or range represents the University’s good faith estimate of the possible compensation offer for this role at the time of posting.

Benefits Eligible

Yes

The University of Chicago offers a wide range of benefits programs and resources for eligible employees, including health, retirement, and paid time off. Information about the benefit offerings can be found in theBenefits Guidebook.