Director of Information Security

Current Employees: If you are currently employed at any of the Universities of Wisconsin log in to Workday to apply through the internal application process.

Position Title:

Job Category:

Employment Type:

Job Profile:

Job Duties:

POSITION SUMMARY:

The Director of Information Security is a full-time leadership role jointly serving UW-River Falls and UW-Superior. This position develops and directs strategic plans for information technology security programs to ensure effective use of resources in delivering administrative research outreach and instructional IT services. Under the general direction of the CIO at UW-River Falls with input from UW-Superiors CIO the Director is responsible for implementing and managing comprehensive security initiatives including policy development regulatory compliance risk mitigation incident response and business continuity. This role is expected to operate equally across both campuses with on-site presence required for security incidents and key activities. While the position is split 50/50 UW-River Falls serves as the home campus and its employment policies apply. Hybrid work flexibility is available and occasional after-hours response may be required.

RESPONSIBILITIES:

• Develop and direct strategic IT planning initiatives for information security across UW-River Falls and UW-Superior ensuring alignment with institutional goals and effective use of financial administrative and staffing resources

• Establish and maintain a framework for IT policy development that engages stakeholders and supports compliance with institutional state and federal regulations

• Exercises supervisory authority including hiring transferring suspending promoting managing conduct and performance discharging assigning rewarding disciplining and/or approving hours worked of at least 2.0 full-time equivalent (FTE) employees

• May develop and audit the unit budget and/or financials

• Serves as a liaison representing the interests of the unit to research propose and implement IT policies that address legal regulatory and operational needs and communicate their impact to internal and external campus stakeholders

• Frequently assists the divisions IT director in advising institutional or divisional leadership on information technology operations and business models

• Develop maintain and oversee the implementation of a comprehensive IT Security Plan that aligns with campus and Universities of Wisconsin strategic initiatives. This includes leading the dissemination of IT policies consulting with departments to ensure compliance and supporting mitigation efforts where needed to uphold institutional security standards and regulatory requirements.

• Define operational controls and benchmarks to measure and report compliance with internal and external IT security policies

• Monitor and address violations of IT security policies providing metrics and support for audits assessments and compliance reviews

• Stay current on applicable laws and regulations (e.g. FERPA HIPAA GDPR GLBA PCI WI Statute 134.98) and lead or assist in developing institutional compliance strategies

• Ensure PCI compliance in collaboration with campus business offices participating in audits and reviews

• Develop and maintain an IT Security Plan aligned with campus and Universities of Wisconsin strategic initiatives

• Define technical security standards for campus IT systems and oversee their implementation and compliance.

• Create and manage a comprehensive IT security awareness and training program including metrics for effectiveness and regulatory compliance.

• Implement risk assessment frameworks to guide leadership in evaluating and mitigating IT security risks.

• Develop test and maintain disaster recovery and business continuity plans including periodic assessments and reporting.

• Participate in relevant working groups and committees to stay informed on best practices in IT security and continuity planning.

• Design and lead IT security incident response processes including stakeholder engagement and team coordination.

• Detect and assess security incidents through monitoring and coordinate response planning with system owners and subject matter experts.

• Execute incident response plans and communicate actions and outcomes to campus leadership.

• Coordinate responses to external information requests including legal law enforcement and abuse-related inquiries.

Key Job Responsibilities:

• Developsoperating policies and procedures to comply with regulations institutional policies andunit objectives

• Directs strategic information technology planning initiatives and establishes objectives for IT functional department(s) unit(s) or program(s) to ensure appropriate use of financial administrative staffing resources in alignment with the strategic plan

• Mayperform manager functions

• Frequently assists the divisions IT director inadvisinginstitutional or divisional leadership on information technology operations and business models

• May develop and audit the unit budget and/or financials

• Servesas aliaisonrepresenting the interestsof the unit to internal and external stakeholders

• Exercises supervisory authority including hiring transferring suspending promoting managing conduct and performance discharging assigning rewarding disciplining and/or approving hours worked of at least 2.0 full-time equivalent (FTE) employees

Department:

Technology Services

Required Qualifications

• Must pass and maintain a Wisconsin DOJ CJIS fingerprinted background check within six months of hire.

• Bachelors degree in information security computer science MIS business or a related field.

• Minimum of 3 years of progressively responsible experience in IT policy security or governance preferably in higher education.

• Strong knowledge of networking and security technologies (e.g. firewalls VPNs intrusion detection/prevention).

• Familiarity with security frameworks such as NIST ISO/IEC 27001 InCommon Assurance OWASP and COBIT.

• Deep understanding of data and security regulations relevant to higher education including FERPA HIPAA PCI GLBA GDPR CJIS and WI Statute 134.98.

• Experience leading Information Security Incident Response Teams and coordinating multi-disciplinary responses.

• Ability to collaborate with IT and OT teams across campuses providing governance and setting strategic priorities.

• Skilled in leading audit and compliance teams ensuring coordinated and risk-aware responses.

• Proficient in implementing organizational change using IT project management principles.

• Strong leadership in forming and guiding cross-functional teams through process and organizational change.

• Ability to build effective partnerships across diverse departments and business units.

• Capable of articulating strategy and presenting plans to executive leadership.

• Effective in managing competing priorities and maintaining focus under pressure.

• Self-directed with the ability to balance priorities across two institutions reduce redundancy and report activities clearly.

• Up-to-date knowledge of current information security risks and threats in higher education.

Preferred Qualifications:

• Five or more years of progressive experience in IT policy security or governance ideally in higher education.

• Information security certification preferred (e.g. CISSP CISM GSEC).

• Hands-on technical background in software development system administration or network management.

• Experience in organizational management and business analysis including financial and HR decision-making.

• Direct experience with compliance and policy related to FERPA HIPAA PCI GLBA and similar regulations.

• Proven ability to conduct independent technical investigations and produce detailed reports and presentations.

• Familiarity with Wisconsin Open Records law and coordination with legal counsel on subpoenas and data requests.

• Knowledge of system logging monitoring tools and dashboard/report development for various audiences.

• Strong understanding of disaster recovery business continuity and preparedness strategies.

• Experience with IT governance and service management frameworks such as MOF or ITILv3.

How to Apply:

Applicants are required to apply online. UWRF will not consider paper emailed or faxed applications. Applicants are required to provide:

• Resume

• Letter of interest specifying qualifications and experience (cover letter)

Initial review of applications will begin upon receipt. For full consideration applicants should submit all required materials on or before November 2 2025.

Employees receive excellent benefits including exceptionally low-cost comprehensive health dental and vision benefits; employer match of Wisconsin Retirement System contributions of 6.95%; an attractive amount of paid leave per year in addition to paid sick leave. To learn more about our benefits go to:
Falls does not offer H-1B or other work authorization visa sponsorship for this position. Candidates must be legally authorized to work in the United States at the time of hire and maintain work authorization throughout the employment term. If you have questions regarding this please contact Human Resources at .

Contact Information:

Inquiries should be addressed to:
James Williams

Search Chair

Confidentiality of Applicant Materials

The Universities of Wisconsin will not reveal the identities of applicants who request confidentiality in writing except that the identity of the final candidates may be released. See Wis. Stat. sec. 19.36(7).

Title IX Notice

As required by Title IX and federal regulations UW-River Falls does not discriminate on the basis of sex in its education programs or activities including in admission and employment. Questions about the application of Title IX may be referred to UWRFs Title IX Coordinator at; the Department of Educations Office for Civil Rights; or both. For more information please see Background Check and Reference Check Policy

Employment will require a criminal background check. It will also require you your most recent employer and all previous Universities of Wisconsin institutions and State of Wisconsin agency employers from the past seven (7) years to answer questions regarding sexual violence and sexual harassment per Universities of Wisconsin Administrative Policy 1275.

Annual Security and Fire Safety Report (Clery Act)

The Annual Security and Fire Safety Report which includes statistics about reported crimes and information about campus security policies can be viewed at call University Police at for a paper copy.

Reasonable Accommodations

UW-River Falls provides reasonable accommodations for applicants and employees with disabilities. Employment opportunities will not be denied because of the need to make reasonable accommodations for a qualified individual with a disability. If you need assistance or an accommodation in applying because of a disability contact or .

Academic Freedom & Freedom of Expression

The University is committed to academic freedom and freedom of expression and provides all members of the University community the broadest possible latitude to explore ideas and to speak write listen challenge and learn pursuant to Regent Policy Document 4-21 Commitment to Academic Freedom and Freedom of Expression.

UW is an Equal Opportunity Employer
Qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin age pregnancy disability status as a protected veteran or any other bases protected by applicable federal or State law and UW System policies. We are committed to building a workforce that represents a variety of backgrounds perspectives and skills and encourage all qualified individuals to apply.