Research Security & Compliance Analyst

About the Position

The University of Minnesota Supercomputing Institute (MSI) is hiring a Security Analyst, whose working job title will be Research Security & Compliance Analyst (RSCA), to analyze security trends, vulnerabilities, and business needs and to design and implement security solutions.

The person in this position will act as a primary point of contact for answering research technology compliance and data management questions across the campus and will engage not only customers but will act as a bridge across different areas of expertise needed to answer compliance questions. The RSCA will serve as the go-to expert for issues at the nexus of compliance and technology. The individual will develop and coordinate a comprehensive program for improving the research compliance posture and communications related to MSI’s IT services. The RSCA will also be an integral member of the UMN Center of Excellence for HIPAA data and serve on other University-wide committees related to research data compliance.

The successful candidate will have the ability to work within a team and across organizational boundaries and must possess excellent communication skills to work effectively with faculty, staff, students, and research representatives from a variety of diverse backgrounds and will maintain the highest ethical standards. Experience working at the intersection of technology and compliance is strongly desired.

The RSCA will report to the Sr. Associate Director of MSI but will work closely with staff from a variety of offices including: UMN’s Libraries, OVPR’s Research Compliance Office, OIT’s University Information Security Office, AHC’s Health Information and Privacy Compliance Office, and UMN’s Office of Internal Audits.

Successful candidates will be familiar with research workflows and research data lifecycles. They will have excellent communication skills and a strong analytical background. Job tasks will necessitate a high degree of organization and comfort working as part of an interdisciplinary research team on a diverse set of projects. The person in this position is frequently expected to work independently to identify combinations of existing tools to address novel requests, and in some cases develop new tools to bridge gaps in the domain literature.

Common tasks will Include:

  • Designs, develops, and implements security methodology and infrastructure for major University systems.
  • Conducts analysis to ensure that security architecture, designs, plans, controls, processes, standards, policies, and procedures are aligned with University and industry compliance requirements.
  • Conducts forensic analysis for major and/or high-risk security breaches and hijacking. Composes investigation reports and recommends solutions to prevent future instances.
  • Conducts risk assessments to recommend security policies and procedures to mitigate security risk and violation.
  • Serves as the expert on security related regulations. Responds to internal and external security audit requests.
  • Authors, publishes, and maintains security policies, procedures, standards, and guidelines based on industry best practices and compliance requirements.
  • Manages security awareness program.
  • Educates and trains end users and University IT professionals on security topics and industry trends.
  • Functions as team and project lead.
  • Provides procedural and technical guidance to less experienced staff.

Required Qualifications

  • Related BA/BS degree with four years' work experience in the areas related to security system design, implementation, and administration. Unrelated BA/BS and six years' work experience in areas related to security system design, implementation, and administration.
  • Must be able to function as part of an interactive team while demonstrating self-initiative to achieve project’s goals and group’s mission.
  • Excellent oral and written English communication and interpersonal skills.
  • Demonstrated familiarity with research workflows and research data lifecycles.
  • Experience developing and completing IT related projects to serve research goals.
  • Must be able to begin employment within 6 weeks of offer.

Preferred Qualifications

  • Master or PhD Degree in IT related field.
  • Experience with network security design and implementation.
  • Experience with Linux OS security design and implementation.
  • Experience applying security designs to an academic research environment including HPC, cloud computing infrastructure, and petabyte-scale file systems.

To Apply

Applications must be submitted online. The Job ID for this position is 328747.

If you are not a current University of Minnesota employee, please use this link:  Non-employee link.

If you are a current University of Minnesota employee, please use this link: Employee link.

Visit the University of Minnesota Employment site for complete instructions.