Chief Information Security Officer

Apply now Job no: 503643 Work type: Regular Full-Time Location: Chicago – 55 East Monroe Street, IL, Remote Capability Area: IT Security

JOB SUMMARY:

Join the leadership team at NORC at the University of Chicago as our Chief Information Security Officer (CISO) in the Information Technology department. As a nationally renowned non-partisan research institute that informs decision-makers around the world, we take information security seriously. 

Guide a highly successful and critical team to new heights of achievement and excellence with your proven leadership skills, vision, and extensive management experience in information security and compliance.   

The Information Security and Compliance team sits within the larger IT department and is responsible for protecting all NORC electronic assets, writing all company security policies, maintaining all NIST 800-53 compliance documentation, and educating the company on security awareness.  

DEPARTMENT: Information Technology

NORC's Information Technology program provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.​ 

RESPONSIBILITIES: Lead all aspects of information security, compliance, and privacy, including budgeting, operations, staff management and development, strategic partnerships, and business development  Develop short- and long-term vision and strategies to support organizational information security and align them to NORC’s overall strategic goals  Identify and report risks to the organization; develop comprehensive recommendations to manage risk in response to organizational security and privacy threats  Maintain an efficient vulnerability management program that identifies system vulnerabilities, and prioritizes and reports them to the system owners; monitor vendor sites for emergency patches  Guide client security teams on new requirements, threats, and progress on outstanding issues  Cooperate with client and independent third-party auditing teams to provide compliance documentation and evidence to auditors  Review information security in all contracts and data use agreements as a member of the Data Governance Board  Track state and federal legislative, technological, and societal changes in data security and privacy; identify any changes that could have an adverse impact on the collection and protection of respondent data  Liaise across all IT teams on effective designs, processes, and procedures to sufficiently protect NORC’s data and ensure it meets all legal and contractual requirements  Lead all data loss prevention efforts across organizational systems and devices  Organize business continuity testing and reporting across various IT teams; ensure systems are prepared to prevent an extended systems outage  Manage organization-wide security awareness program  Partner with research departments on new technology relating to the collection, processing, and storing of personally identifiable information  Collaborate with system administrators, engineers, and developers to create or update application/system/site policies, procedures, and process guides  Devise and regularly revisit policies and procedures regarding incident response, business continuity planning, data loss prevention, cloud security, and privacy  Oversee organizational system security and compliance requirements.  REQUIRED SKILLS: Bachelor Degree in a related field required, advanced degree preferred  Minimum 10 years of applicable work experience in information security and IT infrastructure  Extensive experience maintaining security in a highly regulated environment  Significant knowledge of the NIST 800-53 security framework or equivalent framework  Proven track record successfully leading a strategic team across all levels of the organization   Exceptional analytic capabilities with competency in advanced problem-solving techniques  Ability to identify organizational risks in a timely manner and prepare appropriate action to minimize risks  Strong record of directing IT infrastructure and security teams and managing multiple projects with competing timelines and resource demands  Expertise in security best practice, privacy regulations, and U.S. Government FISMA and Fedramp compliance   Outstanding collaborative work style with an emphasis on effective communications  Strategic thinker who can simultaneously direct multiple critical projects and strategic initiatives  Familiarity with the technologies used in all aspects of data security, compliance, and privacy.  Previous NORC experience is preferred. SALARY AND BENEFITS:

The pay range for this position is $195,000 - $325,000.  

Open to remote work.   

This position is classified as regular. Regular staff are eligible for NORC’s comprehensive benefits program. Benefits include, but are not limited to:  

Generously subsidized health insurance, effective on the first day of employment 

Dental and vision insurance  

A defined contribution retirement program, along with a separate voluntary 403(b) retirement program  

Group life insurance, long-term and short-term disability insurance 

Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP). 

 NORC’s Approach to Equity and Transparency  

Pay and benefits transparency helps to reduce wage gaps. As part of our commitment to pay equity and salary transparency, NORC includes a salary range for each job opening along with information about eligible benefit offerings. At NORC, we take a comprehensive approach to setting salary ranges and reviewing raises and promotions, which is overseen by a formal Salary Review Committee (SRC). 

WHAT WE DO:

NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.

WHO WE ARE:

For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we’re known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.

EEO STATEMENT: 

NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics.

#LI-DNI

 

Advertised: July 28, 2025 Central Daylight Time Applications close: August 4, 2025 Central Daylight Time

Back to search results Apply now Refer a friend

Whatsapp Facebook LinkedIn Email App