Creighton University · 4 hours ago
Director of Information Security
Omaha, NE
Full-time
Onsite
Director/Executive
10+ years expCreighton University is seeking a Director of Information Security to lead their information security initiatives. This role involves developing a comprehensive risk management program, collaborating with campus leaders, and ensuring compliance with cybersecurity regulations.
Higher Education
Responsibilities
Defines and executes the university’s multi-year information security strategy and roadmap
Establishes governance structures, policies, standards, and risk management frameworks aligned with NIST and regulatory requirements
Presents security posture, roadmap progress, and risk trends to Sr. Director of Infrastructure & Operations
Develop institutional risk models that reflect academic, clinical, and research environments
Leads the design and engineering of technical controls, including SIEM, SOAR, EDR, logging pipelines, MFA, vulnerability management, email security, and administrative privilege management
Ensures alignment with enterprise infrastructure, networking, cloud operations, and data governance teams
Ensures cybersecurity compliance for HIPAA-aligned clinics, academic research, financial systems, and federal reporting requirements
Leads security components of internal and external audits
Creates institutional documentation, controls matrices, and evidence packages aligned with regulatory frameworks and accreditation needs
Develops institution-wide security training, awareness campaigns, and behavior-based education programs
Builds strong relationships with colleges, schools, and clinical programs to support secure and compliant environments
Encourages a campus culture of shared responsibility for cybersecurity
Leads security engineering, risk, compliance, and incident response teams
Develops staff skillsets in threat detection, architecture, identity governance, cloud security, and compliance
Fosters a culture of transparency, continuous improvement, and operational rigor
Leads enterprise vulnerability identification, prioritization, and remediation workflows across servers, endpoints, networks, and cloud services
Establishes risk-based SLAs, reporting dashboards, and remediation playbooks
Partners with system owners, infrastructure engineering, and academic/clinical environments to implement secure baselines and configuration standards
Qualification
Required
Bachelor's Degree in Information Security and/or equivalent experience
Ten years or more experience as an Information Security Officer or lead IT Security engineer role, developing and administering an information security program
Demonstrated experience advising and collaborating with senior management
Ability to work in a team/collaborative environment with a broad range of constituencies
Extensive experience leading cybersecurity operations, incident response, and recovery initiatives
Track record of designing, implementing, and advancing a comprehensive information security program aligned with institutional mission and risk posture
Exceptional communication and collaboration skills, with the ability to effectively engage executive leadership, academic stakeholders, and cross-functional IT teams to drive alignment and shared accountability
Demonstrated professional maturity and composure, with the capacity to lead decisively in challenging situations, respond constructively to feedback, and foster a culture of respect, integrity, and steady leadership
Proven ability to lead and facilitate cross-campus advisory councils and governance committees, driving alignment on strategic initiatives and fostering collaborative decision-making
Experienced in building and developing high-performing teams, including talent acquisition, retention, coaching, and mentoring
Skilled in strategic sourcing, vendor partnerships, and managed service oversight, optimizing cost, performance, and compliance across complex technology ecosystems
Adept at prioritizing and deploying talent effectively across multiple initiatives to maximize impact, maintain operational resilience, and achieve institutional objectives
Cultivates strong, trust-based relationships with internal stakeholders and external partners through transparent communication, influence, and a customer-centric leadership approach
CISSP or CISM Required
ITIL Foundation (Required within 6 months)
Preferred
Master's Degree
Working knowledge and experience in policy and regulatory environment of information security, particularly in higher education
Deep understanding of the policy, compliance, and regulatory frameworks governing information security—particularly those impacting academic and research institutions
Company
Creighton University
At Creighton, our Jesuit mission shapes our vision.
5001-10000 employees
H1B Sponsorship
Creighton University has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (21)
2024 (26)
2023 (10)
2022 (17)
2021 (21)
2020 (15)
Funding
Current Stage
Late StageLeadership Team
John R. Stone, MD, PhD
Co-Founder & Co-Executive Director
Russ Pearlman
Vice President of Information Technology, Chief Information Officer
Recent News
Today's Marketplace
2025-10-06
Today's Marketplace
2025-10-01
Today's Marketplace
2025-10-01
Company data provided by crunchbase