IT Research Security Architect
University of Louisville
Louisville, KY
Job posting number: #7295528 (Ref:R106042)
Posted: November 26, 2024
Job Description
Department:
Location:
Belknap CampusTime Type:
Full timeWorker Type:
RegularJob Req ID:
R106042Minimum Requirements:
Bachelor's degree in Cyber or Information Security, Information Systems Management, Business or related discipline and six (6) years of related work experience with an emphasis in formation security, compliance, government or related area.Knowledge of security frameworks and federal, state or industry security regulations including NIST 800-171/CUI. Experience with Risk Management, security plan development, and incident response, Proficiency in using security tools and technologies. Experience in conducting security audits and assessments. Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk. Grade 10 (Salaried)
Position Description:
The research computing-focused Research Security Architect, in collaboration with the CISO, ISO, University Legal, and the EVPRI’s office, will play a pivotal role in ensuring the security and compliance of the University’s research computing environments. This position will be responsible for planning and implementing a comprehensive research information security program at the University of Louisville by developing, documenting, and maintaining security measures that meet internal and external regulatory requirements and protect sensitive research data. The ideal candidate will have a strong background in information security, a thorough understanding of regulatory frameworks, and experience in a research computing environment.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Ensure that research computing environments comply with all relevant regulatory requirements, including but not limited to HIPAA, FERPA, FISMA, CUI, CMMC, DFARS, ITAR.
Develop and maintain documentation related to compliance policies, procedures, standards, baselines, and guidelines. Ensure that all policies and procedures align with both internal and external security standards and regulatory requirements. Understand and communicate information security legislation, contractual obligations, regulations and university policies, standards and procedures. Offer insight, participate in and lead projects, task forces or work with constituents to assess or develop relevant policies, standards and procedures.
Regularly review and update policies and procedures to adapt to new regulations and emerging threats.
Plan and conduct regular audits and compliance assessments to identify compliance gaps and develop plans for corrective actions.
In collaboration with ITS Research Computing and the EVPRI’s office, determine information security requirements for research computing projects and assess the feasibility of implementing them.
Conduct risk and technical assessments to identify potential security threats and vulnerabilities within research computing environments.
Monitor and analyze security incidents and develop response plans to address them effectively.
Develop and deliver training programs to educate researchers and staff about information security best practices and regulatory requirements.
Promote a culture of security awareness within the research community.
Stay current with the latest security trends, technologies, and regulatory changes. Develop comprehensive plans to ensure ITS has the capability to implement future requirements.
Serve as project manager/lead on research computing security projects.
PREFERRED QUALIFICATIONS
Professional certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
Experience with NIST’s CSF applied to a research computing environment is highly desirable.
HIPAA, GLBA, FERPA, FISMA, CMMC, DFARS, PCI-DSS, and/or ITAR compliance experience.
Experience with cloud security in Azure and AWS.
Knowledge of security frameworks and federal, state or industry security regulations including NIST 800-171/CUI.
Experience with risk management, security plan development, and incident response.
Proficiency in using security tools and technologies.
Experience in conducting security audits and assessments.
Compensation will be commensurate to candidate experience.
Equal Employment Opportunity
The University of Louisville is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard torace, sex, age, color, national origin, ethnicity, creed, religion, disability, genetic information, sexual orientation, gender, gender identity and expression, marital status, pregnancy, or veteran status. If you are unable to use our online application process due to an impairment or disability, please contact the Employment team atemployment@louisville.eduor 502.852.6258.
Assistance and Accommodations
Computers are available for application submission at the Human Resources Department located at 215 Central Avenue, Ste 205 - Louisville, Kentucky 40208.
If you require assistance or accommodation with our online application process, please contact us by email atemployment@louisville.eduor by phone 502-852-6258.
Equal Employment Opportunity The University of Louisville is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, sex, age, color, national origin, ethnicity, creed, religion, disability, genetic information, sexual orientation, gender, gender identity and expression, marital status, pregnancy, or veteran status. If you are unable to use our online application process due to an impairment or disability, please contact the Employment team at [email protected] or 502.852.6258. Assistance and Accommodations Computers are available for application submission at the Human Resources Department located at 215 Central Avenue, Ste 205 - Louisville, Kentucky 40208. If you require assistance or accommodation with our online application process, please contact us by email at [email protected] or by phone 502-852-6258. About the University of Louisville In 2023, the University of Louisville celebrates its quasquibicentennial, the 225th anniversary of the 1798 beginnings of higher education in Louisville. One of the nation’s first city-owned, public universities, UofL today is a vital ecosystem that creates thriving futures for students, our community and society. As one of only 79 universities in the United States to earn recognition by the Carnegie Foundation as both a Research 1 and a Community Engaged university, we impact lives in areas of student success and research and innovation, while our dynamic connection with our local and global communities provides unparalleled opportunities for students and citizens both. The university serves as an engine that powers Metro Louisville and the commonwealth and as a classroom for UofL’s more than 23,000 students, who benefit from partnerships with top employers and a wide range of community service opportunities. To learn more, visit louisville.edu. The University of Louisville is a public university in Louisville, Kentucky. It is a member of the Kentucky state university system.