Information Security Director
The University of Pennsylvania, the largest private employer in Philadelphia, is a world-renowned leader in education, research, and innovation. This historic, Ivy League school consistently ranks among the top 10 universities in the annual U.S. News & World Report survey. Penn has 12 highly-regarded schools that provide opportunities for undergraduate, graduate and continuing education, all influenced by Penn’s distinctive interdisciplinary approach to scholarship and learning.
Penn offers a unique working environment within the city of Philadelphia. The University is situated on a beautiful urban campus, with easy access to a range of educational, cultural, and recreational activities. With its historical significance and landmarks, lively cultural offerings, and wide variety of atmospheres, Philadelphia is the perfect place to call home for work and play.
The University offers a competitive benefits package that includes excellent healthcare and tuition benefits for employees and their families, generous retirement benefits, a wide variety of professional development opportunities, supportive work and family benefits, a wealth of health and wellness programs and resources, and much more.
Information Systems & Computing (ISC) is the University of Pennsylvania’s central IT organization, providing infrastructure and services upon which Penn’s numerous Schools and Centers build their unique tools and capabilities. ISC’s 270-plus employees work closely with the University’s IT organizations in order to create, deliver and support products and services that help Schools and Centers operate efficiently and effectively. We strive to be easy to work with, and to serve as a trusted advisor to Penn’s IT community, faculty, staff and students in support of an environment of discovery and progress. ISC’s focus on customer service and the high-quality, cost-effective, reliable implementation of modern IT solutions advances the mission of the University, as well as that of each individual School and Center. At Penn, technological freedom and departmental autonomy represent dearly held core values. ISC supports those ideas by providing foundational services and cogent counsel, empowering individuals and departments to employ their distinct strengths in support of their goals. Over the course of nearly three decades, ISC has helped constituents connect and thrive in an ever-changing technology environment. This rich base of experience allows us to respond to client, marketplace and economic needs in order to improve and optimize delivery, ensure the satisfaction of those who depend on our services, and consistently deliver lasting value to the broader University community. https://www.isc.upenn.edu/
Reporting to the CIO and VP for IT, oversee, coordinate, document and monitor the information security program for Information Systems and Computing (ISC), including the development of security standards, policies, guidelines, processes, best practices, and architecture to enhance the security of ISCs information assets. Oversee the development and delivery of security education to ISC staff on security policies and best practices.
Establish, and monitor compliance with, standard security architecture for ISC systems, networks, applications and data in accordance with industry best practices. Coordinate with other members of ISC to develop options and recommend approaches to prevent and respond to security related vulnerabilities and incidents. Handle security incidents following established policies and procedures. Conduct regular risk assessments of ISC digital assets and proactively make recommendations that enhance the effectiveness of ISC’s security and privacy practices. Collaborate with University officials, including the Office of Audit, Compliance and Privacy and the Office of General Counsel, as needed. Work on multiple, complex initiatives as a project leader and subject matter expert. Report on trends, results, and strategies to the Vice President.
Bachelor’s degree in Computer Science, Information Systems, or other related field and a minimum of five years of work experience in IT security or an equivalent combination of education and experience. Must have strong project management skills and excellent verbal and written communication and interpersonal skills. Must be able to work independently, as well as part of a team and effectively lead and collaborate with others.
Penn adheres to a policy that prohibits discrimination on the basis of race, color, sex, sexual orientation, gender identity, religion, creed, national or ethnic origin, citizenship status, age, disability, veteran status, or any other legally protected class.