Director of Cybersecurity Governance Risk and Compliance, Texas Institute for Electronics

Job Posting Title: Director of Cybersecurity Governance Risk and Compliance, Texas Institute for Electronics

Hiring Department:
Cockrell School of Engineering

Position Open To:
All Applicants

Weekly Scheduled Hours:
40

FLSA Status:
Exempt

Earliest Start Date:
Immediately

Position Duration:
Expected to Continue

Location:
PICKLE RESEARCH CAMPUS

Job Details:
Purpose
The Director of Cybersecurity Governance Risk and Compliance will ensure regulatory compliance for the Texas Institute for Electronics (TIE), who is engaging in projects with contractual obligations for information assurance / NIST 800-171 infrastructure. The position will work closely with a variety of units across campus including Export Control, Information Security Office (UTISO), ITS Campus Solutions, Defense Research Advancement (DRA), and TIE to implement processes for ensuring restricted research is conducted in compliance with relevant regulations.

Responsibilities

1. Implement a program to provide infrastructure, resources, and support for research involving controlled unclassified information (CUI).
2. Collaborate with UT’s and the Cockrell School of Engineering’s information technology personnel, researchers, and UT’s Defense Research Advancement office to establish secure research computing and laboratory environments that comply with federal requirements for protecting CUI.
3. Develop information resources and deliver training to assist researchers with understanding the requirements for working with CUI and implementing those requirements, as needed, for their sponsored research.
4. Consult with Principal Investigators (PI) in pre-award or post-award review of information technology security and privacy controls compliance requirements.
5. Develop and manage security standards, guidelines, policies, procedures, processes and controls based on best practices, compliance frameworks (for example Supplier Performance Risk System NIST assessments), and audit findings.
6. Perform ongoing monitoring of research projects and environments to ensure continued compliance with security requirements.
7. Assess, evaluate, and make recommendations regarding the adequacy of the cybersecurity controls for TIE’s environment and business objectives.
8. Develop plans and tracking for non-compliance with applicable controls, POA&Ms, and monitor remediation progress against agreed upon timelines.
9. Engage in ongoing risk assessment within the TIE research environment, develop risk registers aligned to NIST controls, and implement risk mitigation controls in collaboration with University/Engineering IT, TIE units, and researchers.
10. Evaluate new and existing technologies for compliance with information governance controls (e.g., access, authentication, encryption, logging, retention).
11. Perform other duties as assigned.

Required Qualifications

1. Must be a U.S. citizen, resident, or officially recognized asylee.
2. Bachelor’s degree and a minimum of 3 years of experience in a restricted research environment, information security policies, controls, and practices; cybersecurity; or governance, risk, and compliance (GRC). Relevant education and experience may be substituted as appropriate.
3. Familiarity with NIST 800-171 (CUI), ITAR, DFARS compliance frameworks and/or related controls.
4. Ability to analyze, interpret and explain complex regulations, statutes, policies, terms and conditions of grants, cooperative agreements, contracts, and subcontracts.
5. Demonstrated proficiency operating with a high degree of independence executing with excellent follow-through for assigned tasks, while also knowing when to stop, ask questions, and seek input from the team or management.
6. Demonstrated ability to manage and execute numerous parallel activities in a fast-paced, dynamic team environment.
7. Exceptional written and verbal communication skills with all levels of a complex organization.
8. Self-motivated to learn and share knowledge.

Preferred Qualifications

1. Demonstrated ability to implement and ensure compliance of infrastructure for common security and privacy frameworks and regulation (e.g., NIST 800-53, NIST 800-171, CIS, HIPAA, DFARS/CUI, HECVAT)
2. Experience with university research, research compliance or administration
3. Experience in risk management and intelligence analysis
4. Project management experience

Salary Range
$140,000 + depending on qualifications

Working Conditions

1. May work around standard office conditions
2. Repetitive use of a keyboard at a workstation
3. Use of manual dexterity (ex: using a mouse)

Required Materials

1. Resume/CV
2. 3 work references with their contact information; at least one reference should be from a supervisor
3. Letter of interest

Important for applicants who are NOT current university employees or contingent workers:
You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure that ALL Required Materials have been uploaded. Once your job application has been submitted, you cannot make changes.

Important for Current university employees and contingent workers:
As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log in to Workday, navigate to your Worker Profile, click the Career link in the left-hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled into your application. The application is one page, and you will be prompted to upload your resume. In addition, you must respond to the application questions presented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.

Employment Eligibility:
Regular staff who have been employed in their current position for the last six continuous months are eligible for openings being recruited for through University-Wide or Open Recruiting, to include both promotional opportunities and lateral transfers. Staff who are promotion/transfer eligible may apply for positions without supervisor approval.

Background Checks:
A criminal history background check will be required for finalist(s) under consideration for this position.

Equal Opportunity Employer:
The University of Texas at Austin, as an equal opportunity/affirmative action employer, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions.#J-18808-Ljbffr