Fast Facts

The University of Northern Iowa is seeking a Chief Information Security Officer (CISO) to lead and develop its information security program, ensuring alignment with the university's mission while managing risks effectively.

Responsibilities: The CISO will lead the information security office, manage the security and privacy program, assess risks, oversee incident response, and foster a culture of security awareness throughout the university.

Skills: Required skills include expertise in information security, risk management, security governance, incident response, and strong interpersonal and strategic planning abilities.

Qualifications: A Bachelor's degree and at least seven years of relevant experience are required, with a preference for candidates holding a Master's degree and professional security certifications.

Location: The position is located in Cedar Falls, Iowa, and allows for a hybrid work schedule within Iowa.

Compensation: $130000 - $130000 / Annually

The Opportunity

UNI is seeking a Chief Information Security Officer (CISO) who wants to own and shape an ever-evolving institutional information security program. The CISO provides institution-level leadership for this program, reports to the Chief Information Officer, and leads the information security office within the Information Technology (IT) department. This role is responsible for setting direction for information security, managing risk in a way that supports teaching, learning, research, and operations, and building a culture where security is understood as an enabler of the university mission. The CISO works closely with campus partners to balance security, usability, and budget in a regional comprehensive setting where collaboration is essential.

Key Responsibilities

The CISO will:

• Provide institution level leadership for UNI’s information security and privacy program, including strategy, governance, and day to day operations of the information security office.
• Identify and assess information security, privacy, and technology risks and recommend and implement standards, control frameworks, and processes that support teaching, learning, research, and operations in a regional comprehensive university setting.
• Design and maintain a modern security architecture across networks, systems, applications, cloud services, and data platforms, aligned with university policies, Board of Regents expectations, and applicable regulatory and contractual requirements.
• Oversee identity and access management, including account lifecycle, multi factor authentication and authorization, privileged access, and related governance and controls.
• Lead incident monitoring, detection, investigation, and response, including post incident reviews that drive continuous improvement and realistic risk reduction. Significant incidents may occasionally require leadership and coordination outside standard business hours.
• Partner with IT units and campus leaders to embed security and privacy requirements into technology planning, solution design, procurement, and change management, including vendor and third-party technology risk, digital accessibility, and AI related initiatives.
• Develop and champion security awareness and education efforts for the university community and provide consulting support so departments and IT staff can implement secure, practical solutions.
• Lead, coach, and develop a collaborative, customer focused security team and build strong partnerships with IT units, colleges, divisions, and administrative offices.
• Participate in and help lead information security governance processes, manage designated budgets, recommend tools and services, and represent UNI with Regents partners, peer institutions, government entities, auditors, insurers, and relevant professional organizations.

About You

Required Qualifications

• Bachelor’s degree, preferably in information technology, computer science, information systems, cybersecurity, business, or a related field.
• At least seven years of progressive experience in information security, risk management, or closely related IT leadership roles, including experience leading or serving as a primary owner for one or more major components of an enterprise or institutional information security program.
• Demonstrated experience leading information security work that includes most of the following: security governance, risk assessment, incident response, identity and access management, vendor and third-party technology risk, security policy development, and security architecture or design.
• Strong interpersonal communication, relationship building, change leadership, and strategic planning skills.
• Experience working in a complex, decentralized organization and building strong relationships and influence across diverse stakeholders.

Preferred Qualifications

• Master’s degree in a related field.
• Professional security certifications such as CISSP, CISM, CRISC, or equivalent.
• Experience in higher education, public sector, or another complex nonprofit institution.
• Experience with cloud security, vendor and third-party risk management, and budget management.
• Experience partnering on or supporting technology aspects of digital accessibility and responsible AI use, or a clear interest in learning and leading in these areas.
• Experience with network and systems security architecture and analysis and familiarity with regulatory and compliance frameworks such as FERPA, GLBA, HIPAA, PCI DSS, CMMC, or similar standards.

Position Details:

Job Category: Professional and Scientific

Type of Position: Annual

Service Schedule: Calendar Year

This position is eligible for a hybrid schedule. Remote work must be performed within the state of Iowa. Employees who elect remote work must comply with the requirements of our remote work policy and agreement.

Application Instructions: All application materials received by December 10, 2025, will be given full consideration. To apply for this position, please click on “Apply” and complete the Employment Application. The following materials must be attached when applying:

1) Resume

2) Cover Letter

You will be presented with the opportunity to attach multiple documents when completing the application. Before submitting your online job application, ensure that ALL required materials listed above have been uploaded. Once your job application has been submitted, you cannot make changes. If you have questions regarding this application process, please email [email protected] or call 319-273-2422.

UNI is an Equal Opportunity/Affirmative Action employer. The University encourages applications from persons of color, women, individuals living with disabilities, and protected veterans. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, ethnicity, genetic information, marital status, national origin, political affiliation, pregnancy, race, religion, sex, sexual orientation, veteran or military status, or on any other basis protected by federal and/or state law.

The University offers an excellent benefits package including a vacation plan, employer sponsored retirement plans, health and dental insurance, and life and disability insurance. Benefits package details can be viewed at https://careers.uni.edu/benefits . Application materials received by 12/10/2025 will be given first consideration. For more information or to apply, visit https://careers.uni.edu/ . Criminal and other relevant background checks required. UNI is a tobacco free campus.