Contact OIS

Office of Information Security

Dan Jones, Assistant Vice President and Chief Information Security Officer (CISO)
Phone: 303-735-6637

Sarah Braun, Assistant Information Security Officer
Phone: 303-860-5616

Leonid Balaban, IT Security Analyst
Phone: 303-860-5678

Group email address:

Information Security Officers

Campus Information Security Officers (ISOs) serve in a variety of technical and non-technical roles for a specific University campus. The ISOs shall:

  1. Provide day-to-day Program management for their campus, advise Organizational Units on IT security issues, and assist the CISO with Program reviews and reporting.
  2. Assist Organizational Units with evaluating risks to University information and the CISO with risk management reporting.
  3. Assist with the preparation, approval, and maintenance of campus-specific IT security policies, procedures, and guidelines as appropriate.
  4. Provide guidance on implementation of unit-specific IT security policies, procedures, and guidelines as appropriate.
  5. Establish and manage an IT security awareness and education program for campus IT resource users and provide guidance to Organizational Units on supplementing program events with unit-specific training.
  6. When IT security incidents affect a single campus, lead investigations, coordinate with and issue timely reports to the Chancellor or designee, affected campus units, CISO, Legal, and others as appropriate.


Name Campus Phone Number Email Address  
Dan Jones CU-Boulder 303-735-6637  
Sean Clark CU-Denver 303-724-0486  
Thomas Conley UCCS 719-255-3211  
Brad Judy System 303-860-4293  

Security Advisory Committee

The Security Advisory Committee (SAC) provides oversight of and support for the IT Security Program and is composed of members representing a cross section of the University community. SAC members are appointed by the President or designee.

  1. Advise, inform, and coordinate with the CISO as appropriate to promote and support the Program and to ensure that Program requirements reflect and support the functional requirements, external requirements, and the mission of the University.
  2. Advise the President and the CISO as appropriate to ensure that University-wide IT security policies, procedures, and guidelines reflect and support the functional requirements, external requirements, and the mission of the University.
  3. In collaboration with the CISO advise the University President and Chancellors on risk management decisions and Program direction to ensure alignment with University objectives.


Title  Name Email Address  
Vice President, Employee and Information Services Kathy Nesbitt  
Senior Vice Chancellor and Chief Financial Officer, CU - Boulder Kelly Fox  Kelly.Fox@Colorado.EDU  
Alternate representative to Senior Vice Chancellor and Chief Financial Officer - Vice Chancellor for Infrastructure and Safety, CU - Boulder David Kang  

Associate Vice Chancellor for Budget and Finance, Denver/AMC

Jennifer Sobanet  
Senior Executive Vice Chancellor for Administration & Finance, UCCS Susan Szpyrka  
Associate Vice President, Business Operations, System Administration Geoff Barsch  
Director Computing Services, UCCS Kirk Moore  
Associate Vice Chancellor for Information Technology, CU-Boulder Larry Levine  

Associate Vice President and Chief Information Officer, UIS

Scott Munson  
Assistant Vice Chancellor for Information Technology Services, Denver/AMC Russell Poole  
Legal Counsel Erica Weston  
Assistant Vice President and Chief Information Security Officer/CU-Boulder Information Security Officer Dan Jones  
CU-Denver and Anschutz Medical Campus (AMC) Information Security Officer Sean Clark  
UCCS Information Security Officer  Thomas Conley  
System Information Security Officer  Brad Judy  
Director Internal Audit (Ex-offico member)  Kevin Sisemore  
Alternate representative to Director of Internal Audit - Senior IT Audit Manager Jim Dillon  

Chief Information Officer/Chief Technology Officer


1. The CIO/CTO is an individual designated by the Chancellor on each campus with oversight authority for all IT operations on that campus. These individuals have the authority to enforce the requirements of University and campus policies for information security.

2. Authorize new IT operations, shut down IT operations that are out of compliance with policy, or transfer management of those operations to a department or service provider with the requisite capabilities.

Contact information:

Name Campus Email Address  
Larry Levine CU-Boulder  
Russell Poole CU-Denver and AMC  
Scott Munson System Administration