IT Research Security Architect

Department:Location:Belknap CampusTime Type:Full timeWorker Type:RegularJob Req ID:R106042Minimum Requirements:Bachelor's degree in Cyber or Information Security, Information Systems Management, Business or related discipline and six (6) years of related work experience with an emphasis in formation security, compliance, government or related area.Knowledge of security frameworks and federal, state or industry security regulations including NIST 800-171/CUI. Experience with Risk Management, security plan development, and incident response, Proficiency in using security tools and technologies. Experience in conducting security audits and assessments. Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk. Grade 10 (Salaried)Position Description:The research computing-focused Research Security Architect, in collaboration with the CISO, ISO, University Legal, and the EVPRI’s office, will play a pivotal role in ensuring the security and compliance of the University’s research computing environments. This position will be responsible for planning and implementing a comprehensive research information security program at the University of Louisville by developing, documenting, and maintaining security measures that meet internal and external regulatory requirements and protect sensitive research data. The ideal candidate will have a strong background in information security, a thorough understanding of regulatory frameworks, and experience in a research computing environment.Essential Duties And Responsibilities• Ensure that research computing environments comply with all relevant regulatory requirements, including but not limited to HIPAA, FERPA, FISMA, CUI, CMMC, DFARS, ITAR.• Develop and maintain documentation related to compliance policies, procedures, standards, baselines, and guidelines. Ensure that all policies and procedures align with both internal and external security standards and regulatory requirements. Understand and communicate information security legislation, contractual obligations, regulations and university policies, standards and procedures. Offer insight, participate in and lead projects, task forces or work with constituents to assess or develop relevant policies, standards and procedures.• Regularly review and update policies and procedures to adapt to new regulations and emerging threats.• Plan and conduct regular audits and compliance assessments to identify compliance gaps and develop plans for corrective actions.• In collaboration with ITS Research Computing and the EVPRI’s office, determine information security requirements for research computing projects and assess the feasibility of implementing them.• Conduct risk and technical assessments to identify potential security threats and vulnerabilities within research computing environments.• Monitor and analyze security incidents and develop response plans to address them effectively.• Develop and deliver training programs to educate researchers and staff about information security best practices and regulatory requirements.• Promote a culture of security awareness within the research community.• Stay current with the latest security trends, technologies, and regulatory changes. Develop comprehensive plans to ensure ITS has the capability to implement future requirements.• Serve as project manager/lead on research computing security projects.Preferred Qualifications• Professional certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.• Experience with NIST’s CSF applied to a research computing environment is highly desirable.• HIPAA, GLBA, FERPA, FISMA, CMMC, DFARS, PCI-DSS, and/or ITAR compliance experience.• Experience with cloud security in Azure and AWS.• Knowledge of security frameworks and federal, state or industry security regulations including NIST 800-171/CUI.• Experience with risk management, security plan development, and incident response.• Proficiency in using security tools and technologies.• Experience in conducting security audits and assessments.Compensation Will Be Commensurate To Candidate Experience.Equal Employment OpportunityThe University of Louisville is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, sex, age, color, national origin, ethnicity, creed, religion, disability, genetic information, sexual orientation, gender, gender identity and expression, marital status, pregnancy, or veteran status. If you are unable to use our online application process due to an impairment or disability, please contact the Employment team at employment@louisville.edu or 502.852.6258.Assistance and AccommodationsComputers are available for application submission at the Human Resources Department located at 215 Central Avenue, Ste 205 - Louisville, Kentucky 40208.If you require assistance or accommodation with our online application process, please contact us by email at employment@louisville.edu or by phone 502-852-6258.