Job Summary:

Responsible for supporting day-to-day information security governance risk and compliance activities and assigned projects. Major functions include information security risk management, security policy development and enforcement, 3rd party vendor management and incident response assistance. Assist with the development and delivery of risk assessments. Assist with the development, monitoring, and enforcement of policy and standards. Provide support for information security projects and research compliance.

Essential Duties:

Governance, Risk and Compliance (GRC) – Assist with the development and implementation of risk assessments, risk mitigation tracking and reporting of residual risk. Developing and implementing policies and standards that ensure compliance with applicable state and federal requirements. Assist with policy exception management. Provide risk consulting and/or training to institution stakeholders, make recommendations on remediation of risks and assist business owners with information security risk assessments and risk response. Perform risk assessments on new software, software renewals and 3rd party software. Assist with the information security administrator work group, and other security governance activities. Assist with metrics for the Information Security Program. Assist CISO with reports due the state and UT System. Projects and Research Support: Assist with the development of requirements for, and take part in, information security and institutional technology projects. Provide security consulting and support to institutional departments on security related issues and inquiries. Provide support for research in the development and review of data management plans and technology control plans. Assist research with security compliance requirements. Security Controls & testing: Assisting with establishing security controls requirements for UTA in accordance with applicable laws. Perform security control gap assessments and audits of security controls as needed. Perform periodic testing of institutional information resources and supporting security infrastructure to ensure security controls are in place and effective. Incident Response: Assist with the management of the Incident Response Plan. Assist with security incidents and investigations as needed. Assist with cybersecurity incident tabletop exercises. Security Awareness: Support the development and implementation of security awareness training programs. Performs other duties as assigned.

Required Qualifications:

Bachelor's degree. Two (2) years of experience in one or more of the following: networks, databases, information security, application security, endpoint security, IT audit or risk management. Knowledge and practical experience with security frameworks, e.g. NIST 800 series, NIST CSF, ISO 20001, CIS Top 20, CMMC.

Preferred Qualifications:

Certifications related to the duties and responsibilities specified, including but not limited to: Security +, CISSP, CISM, CRISC, and/or CISA. Experience in the protection of research data and intellectual property, implementing NIST 171 controls and/or familiarity with CMMC a plus. Technical knowledge of operating systems, defense-in-depth concepts, networks, security related technologies, and security configurations. Working knowledge of Microsoft Windows, Linux/UNIX systems, firewalls, TCP/IP, VPN, DNS, access management, encryption, configuration management, vulnerability scanning, and application security best practices. Knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks. Experience in the implementation of GRC strategies. Knowledge regarding risk management practices and GRC concepts and automation tools. Experience in higher education and/or Experience in Texas State government.

Special Instructions:

Applicants must include in their online resume the following information: 1) Employment history: name of company, period employed (from month/year to month/year), job title, summary of job duties and 2) Education: school name, degree type, and major.

EEO Statement:

UTA is an Equal Opportunity/Affirmative Action institution. Minorities, women, veterans and persons with disabilities are encouraged to apply. Additionally, the University prohibits discrimination in employment on the basis of sexual orientation. A criminal background check will be conducted on finalists. The UTA is a tobacco free campus.

Open Until Filled: No

Location: Ft. Worth