Skip to main content

Information Security Office

The Information Security Office (ISO) mission is to enable the University to conduct its business securely while achieving regulatory compliance, data security and privacy, and the associated requirements in identity and access management. It provides leadership and coordination in developing policies, standards, and access controls for the safeguarding of University information assets; raises the University community’s awareness of information security issues; promotes safe computing; and develops strategies for authentication and authorization services.

The Information Security Office’s primary responsibilities include:

ISO services are listed in the Northwestern IT Service Catalog under “Security.”

Brandon Grill

Senior Director, Technology Planning and Security


Areas within the Information Security Office reporting to the Senior Director, Technology Planning and Security, include:

Information Security Operations and Engineering

Nowell Arnold

Associate Director, Information Security and Deputy Chief Information Security Officer


Information Security Operations and Engineering maintains a strategic approach to ensuring the confidentiality, integrity, and availability of Northwestern’s information resources and actively engages schools and departments in implementation. Additionally, this group provides managed security services, risk assessments of third-party applications and systems, and maintenance and support of security applications and architecture across Northwestern. Information Security Operations and Engineering also supports University schools and departments on key IT security efforts and assists in incident response.

Identity and Access Management

Myndi Brown

Manager, Identity Services


The Identity and Access Management (IAM) team provides identity and access services to people and systems, enabling identity-based authentication and authorization for information technology systems at Northwestern. The team is responsible for the development, testing, and dissemination of architectures, software, and practices in the areas of identity and access management at Northwestern, and provides methods and technology to securely log on to University systems, including account management, authentication (including Multi-factor Authentication), directory services, and identity federation.
Back to top