Director, Information Security

Director, Information Security

Office of Information Technology

Brown University

The Director of Information Security in the Office of Information Technology (OIT) is a senior leadership role within Brown University’s Information Security Group (ISG). Reporting to the Chief Information Security Officer (CISO), the Director provides strategic and operational oversight for three critical pillars of the University’s cybersecurity program:
Security Engineering, Security Operations, and Information Compliance & Risk.

Responsibilities:

• Provide operational continuity in the absence of the CISO.
• Translate institutional vision into actionable plans, ensuring that Brown’s digital assets are protected through robust engineering.
• Manage security incidents with precision.
• Maintain a rigorous posture regarding IT risk and regulatory compliance.
• Liaise between technical practitioners, university leadership, and administrative departments, including the Office of General Counsel and Brown Risk, Audit, and Compliance teams.
• Foster a culture of continuous improvement and proactive risk management.
• Respond promptly to alerts and provide backup support when alerted.
• Occasional travel to the Providence, RI campus for on‑site leadership meetings or incident management.

• Bachelor’s degree required.
• 10+ years of combined IT and IT security experience, with at least 3 years in a significant leadership role.
• Proven management experience providing strategic oversight and mentorship to multidisciplinary technical teams.
• Experience with security operations, incident response, and security engineering.
• Knowledge of privacy regulations such as GDPR, CCPA, FERPA, HIPAA preferred.
• Industry certifications such as CISSP, CISM, CISA, or equivalent preferred.
• Experience with vulnerability management and security architecture.
• Experience with cloud security (Azure, GCP, AWS) preferred.

• Strong leadership and team‑building skills.
• Ability to manage multiple priorities in a dynamic environment.
• Excellent verbal and written communication skills.
• Strong analytical and problem‑solving abilities.
• Knowledge of compliance frameworks and regulatory requirements (NIST 800‑171 and PCI DSS).
• Ability to work effectively with diverse stakeholders across the institution.

A criminal background check and education verification is required.

Information on the benefits can be found on the Brown University website.

Brown University provides equal opportunity and prohibits discrimination, harassment, and retaliation based upon a person’s race, color, religion, sex, age, national or ethnic origin, disability, veteran status, sexual orientation, gender identity, gender expression, or any other characteristic protected under applicable law, in the administration of its policies, programs, and activities. The University recognizes and rewards individuals on the basis of qualifications and performance.

The University maintains certain affirmative action programs in compliance with applicable law.