University of Washington
Associate Vice President and Chief Information Security Officer
Seattle, WA
Jan 23, 2025
Full-time
Full Job Description

About UW-IT and the CISO Role:

As part of the UW community, you have a unique opportunity to impact lives locally, regionally, and globally. At UW, we honor diverse experiences, perspectives, and identities, working together to build inclusive, equitable environments that advance teaching, research, and health. University of Washington Information Technology (UW-IT) is the University's central IT organization, providing essential services to support UW Bothell, UW Tacoma, UW Seattle, UW Medicine, and global research. The Associate Vice President for Information Security and Chief Information Security Officer (CISO) reports to the UW Chief Information Officer (CIO) and leads a trusted, innovative security, privacy and identity program in support of the confidentiality, integrity and availability of institutional information.

Core Responsibilities:

As AVP and CISO, you will join and contribute to an executive leadership team focused on trust, commitment, accountability, and results. Your role will be essential in strengthening and shaping this cohesive leadership team to effectively address the complex security challenges of a major research institution. You will also play a key role in fostering a culture that reflects UW-IT's core values of being invested, compassionate, and a team player, ensuring these principles guide our leadership and drive our collective success.

Combining strategic vision and technical expertise, you will drive UW-IT’s security, privacy, and identity initiatives, promoting diversity, equity, and inclusion throughout these efforts. The CISO will ensure security solutions are inclusive and accessible, considering the impact on historically marginalized communities.

The CISO leads a comprehensive program that supports decentralized units within UW’s federated structure, empowering them to assess and mitigate cyber risks. This includes implementing enterprise-wide security and privacy services, conducting threat analysis, and maintaining compliance with relevant laws and regulations. Working closely with UW leaders, the CISO develops and aligns the University’s information security and privacy strategy, oversees security policy, technology risk management, threat intelligence, and delivers security and privacy training. This position is also a key leader in incident response, partnering with federal and local law enforcement agencies, supporting the UW Facility Security Officer (FSO), and shared initiatives with UW Medicine.

As UW matures and strengthens its information security and privacy posture, the CISO will engage stakeholders to lead strategic transformation in security service delivery, realign services, optimize workforce capabilities, and support Enterprise Risk Management (ERM).  These efforts are integral to support the evolving goals of UW-IT and the University’s new technology strategic plan.

Position Complexities:

In this role, the CISO will navigate the unique complexities of a shared governance environment within a major research university, balancing the security of diverse and highly technical systems with the University's commitment to openness in knowledge sharing. Successfully integrating and securing these systems across a complex network, while protecting the University's assets, the privacy of its constituents and enabling its mission-driven operations, is essential.

To achieve this, the CISO must demonstrate strong political acumen and the ability to influence and collaborate with leaders in specialized areas like research, health, education, and cloud and network security. This role requires a unique skill set that blends strategic insight, policy development, technical security expertise, and operational leadership. Success will depend on the CISO’s ability to align stakeholders with a cohesive strategy, manage compliance with state and federal laws, and balance competing interests and priorities to secure and integrate the University's technology platforms effectively.

Position Responsibilities:

The CISO role demands strategic vision, operational expertise, and the ability to navigate the complexities of a large, dynamic educational institution.  Significant priorities for the CISO include:

  • Contribute actively to the Executive Leadership Team (ELT), fostering a collaborative, supportive, and transparent environment aligned with the team's values and the University's missions.
  • Develop and maintain strong, collaborative relationships with key external stakeholders, including University leadership, academic and administrative units, and external partners, to ensure alignment and support for UW's security and privacy goals.
  • Lead, inspire, and mentor a team of 50 information security, privacy and identity management professionals, managing a $10 million annual budget to advance UW’s security objectives.
  • Develop and oversee a comprehensive risk management program, including threat intelligence, vulnerability analysis, risk assessment, and actionable guidance for university leadership.
  • Establish and promote a strong security awareness and education program to foster a culture of security and best practices across the University.

Leadership, Strategy, and Program Development (40%):

  • Guide UW governance, operational councils, and committees on information security, ensuring cohesive and well-informed decision-making.Monitor security and privacy trends, keeping leadership updated on emerging risks and potential impacts.
  • Serve as a trusted advisor to University leaders, supporting the development, implementation, and maintenance of effective information security strategies.
  • Establish close partnership with the vice president for Risk and Compliance Services and the university’s Privacy Officer to support joint operations.
  • Identify and engage with UW departments to establish a comprehensive security and privacy infrastructure and define essential program elements.
  • Oversee the creation, refinement, and enforcement of security and privacy policies, standards, and guidelines, ensuring alignment with federal, state, and contractual requirements.
  • Supervise the monitoring and reporting of security and privacy activities, ensuring compliance with internal standards and audit requirements.
  • Advocate for infrastructure investments that strengthen security and privacy capabilities.
  • Provide oversight of staff, including performance evaluations, professional development planning, hiring, and, if needed, disciplinary actions.
  • Share functional and technical expertise to support security and privacy initiatives across the organization.
  • Collaborate with partners to design and implement enterprise-wide security solutions, such as asset management, endpoint protection, data-loss prevention, and patch management.
  • Establish and enforce technical and operational standards across UW’s security and privacy landscape, ensuring compliance with all regulatory requirements.

 
Security Operations (35%)

  • Partner with key departments (e.g., UW Medicine Compliance, UW-IT, Purchasing) and stakeholders to develop, implement, and maintain a robust IT Vendor Risk Management Program.
  • Oversee the investigation of security and privacy incidents and manage associated remediation, disciplinary and/or legal actions as needed.
  • Track and drive the resolution of all UW-IT cybersecurity audit findings.
  • Monitor industry and external landscapes for emerging threats, providing strategic guidance to executive and business leaders on appropriate responses.
  • Collaborate with information security and privacy leaders across UW campuses to align efforts and ensure cohesive program implementation.
  • Work closely with other UW-IT leaders to execute and manage the delivery of enterprise-wide security and privacy services and capabilities.

External Relationships and Other Duties (25%)

  • Cultivate and maintain strategic relationships with external partners, including other universities, industry leaders, government, and law enforcement agencies, to foster collaboration and knowledge sharing in information security.
  • Represent the University of Washington at conferences and industry events to showcase its security initiatives and stay current on trends, best practices, and emerging technologies.
  • Collaborate with Washington state universities to develop joint strategies, share resources, and address shared information security challenges.
  • Engage with professional organizations and information security communities to contribute to field-wide discussions and stay at the forefront of advancements.
  • Perform other duties as assigned.

 
Supervisory Responsibilities:

Provide day-to-day oversight for team members, fostering a supportive environment that values accountability towards shared goals. Conduct annual performance reviews, incorporating personalized development plans and gathering input from colleagues who work directly and indirectly with team members. Lead efforts to interview and hire the right talent, ensuring alignment with team values and competencies. Demonstrate strong leadership by setting clear expectations and holding individuals accountable. Coaching staff on areas for improvement, addressing performance issues with clarity and compassion, and recommending disciplinary actions when necessary. Effective supervision in this role requires a balance of high emotional intelligence, clear communication, and a commitment to developing a high-performing, resilient team.

Requirements:

  • Bachelor’s degree in computer science, cybersecurity, business administration or equivalent experience.
  • 10+ years of progressively responsible information security leadership, with substantial hands-on technical experience.
  • 5+ years in a senior role, successfully managing and mentoring security teams in collaborative, highly complex, highly regulated and decentralized environments.
  • Proven ability to craft and implement security strategies that align with organizational goals and cross-functional needs.
  • Strong leadership and team-building skills, with a focus on developing resilient, high-impact teams.
  • Excellent communication skills for explaining technical concepts to non-technical stakeholders and influencing across functions.
  • Experience in budget management and vendor and service provider partnerships.

Desired:

  • Master’s degree in a relevant field.
  • Relevant industry certification in security (e.g., CISSP, CISM, CISA, CRISC, and CHPS). 
  • Project Management Professional (PMP). 
  • Experience leading technology and security teams in a decentralized organization emphasizing enabling research and development activities.

Other comments:
A satisfactory outcome from a criminal history verification may be required prior to hire.
This is an essential position and is required to report to work remotely when UW suspends operations.

Candidate Evaluation Criteria

The following criteria will be used to evaluate candidates.  Applicants are encouraged to address in their cover letters and resumes how their experience aligns with the criteria.

Criteria

Description

Security Strategy

Demonstrates understanding of higher education security challenges including unique considerations for research conduct and diverse research data protections.

Proven experience implementing enterprise or institution wide security frameworks that balance risk with operational flexibility.

Awareness or demonstrated experience in identity and access management strategies for diverse user populations.

Track record of developing effective security awareness programs in highly decentralized environment.

Security Operations

Experience managing large scale security operations, preferably in a complex, decentralized organization.

Coordinated or participated in establishing and maintaining capabilities for 24x7 monitoring and incident response capabilities.

Developed and maintained effective incident response plans.

Coordinated response to a significant security incident including engagement with various stakeholders including legal, communications, executive leadership and law enforcement.

Organizational Leadership

Led efforts to transition team skill sets to align with significant product, service or technology changes. 

Develops and implements programs to further diversity, equity and inclusion.

Implemented methods to improve career planning and align professional development strategies with employee goals and organizational needs.

Demonstrated experience in developing strategies to assess, promote, and maintain organizational health.

Leading Change

Incorporates their organization’s values in all aspects of their teams’ work.

Demonstrates and helps instills in others leadership qualities such as personal responsibility, peer accountability, and collaboration.

Welcomes and manages conflict professionally and compassionately.

Built consensus for significant change or decision requiring extensive stakeholder consultation and engagement.

Industry Knowledge

Experience working and implementing change in a complex organization with an emphasis on technology or education and research activities.

Possesses deep knowledge of regulatory compliance requirements including FERPA, HIPAA, GDPR and federal research grant requirements.

To Apply

UW-IT has retained Next Generation Leadership Partners to assist with this search. Inquiries and nominations may be made in confidence by contacting Next Generation’s Phil Goldstein phil@nextgenpartnersllc.com. Applicants should use this link to submit a resume and cover letter.  For full consideration, applications should be received by February 24th.

Conditions of Employment

The target compensation range for this position is $260,000 to $300,000.

This position functions within a hybrid work environment where the Executive Leadership Team works onsite T/W/Th weekly.

Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law.

Committed to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.

 As a UW employee, you will enjoy generous benefits and work/life programs. For a complete description of our benefits for this position, please visit our website, click here.

The University of Washington is a leader in environmental stewardship & sustainability, and committed to becoming climate neutral.

The University of Washington is an equal opportunity, affirmative action employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.

To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 / 206-543-6452 (tty) or dso@uw.edu.


recblid szowymf4yczi8t7zp9l310xdktnzbo

PDN-9e093aa3-19c5-4859-9a17-cb258a95c240

Job Information
Job Category:
Other
Spotlight Employer
Related jobs
Field Technician (Gallup, NM)
Source Global, PBC
Job Title: Field Technician (Gallup, NM)Report To: Senior Field TechnicianROLE PROFILESOURCE is looking for a Field Technician (Gallup, NM) to join our team. This role will report to the Director of G...
Jan 23, 2025
Gallup, NM
AUTOMATION COORDINATOR
COUNTY OF CHESTERFIELD
Automation Coordinator Utilities Hiring Range: $83,239 - $112,372 Deadline: 11:59 p.m. Feb. 16, 2025 Chesterfield County Government is seeking an Automation Coordinator to Lead Utilities' automation s...
Jan 23, 2025
Chesterfield, VA
Principal Plant Operator – Maintenance Utilities Deadline: 11:59 p.m. February 16, 2025 Chesterfield County Government is seeking a Principal Plant Operator to perform all maintenance aspec...
Jan 23, 2025
Chesterfield, VA
©2025 Lean in Latinas.
Powered by TalentAlly.
Apply for this job
Associate Vice President and Chief Information Security Officer
University of Washington
Seattle, WA
Jan 23, 2025
Full-time
Your Information
First Name *
Last Name *
Email Address *
Zip Code *
Password *
Confirm Password *
Create your Profile from your Resume
By clicking the Apply button, you agree to the terms of use and privacy policy.
Continue to Apply

University of Washington would like you to finish the application on their website.

Ace your interview with
AI-powered interview practice

Get comfortable talking to hiring managers, receive personalized feedback on areas for improvement, sharpen your ability to answer the most common questions, and build confidence in formulating strong responses on the spot. Click the button below to begin your three free virtual interviews!