Manager IT (Research Technology Cybersecurity Program)

Position Details

Requisition Number S385P Home Org Name VP for Research Division Name VP for Research and Economic Dev Position Title Manager IT (Research Technology Cybersecurity Program) Job Class Code MA04 Appointment Status Full-time Part-time FTE Limited Term No Limited Term Length Job Summary

As a member of the Office of the Vice President for Research & Economic Development ( OVPRED ), and working closely with the Office of Information Technology’s ( OIT ) Cybersecurity team, this position will be responsible for providing cybersecurity management of multiple programs including Controlled Unclassified Information ( CUI ) management, Cybersecurity Maturity Model Certification ( CMMC ), Research Electronic Data Capture System (REDCap), and Electronic Research Administration. The Research Technology Cybersecurity Manager will be responsible for the planning, engineering, development, implementation, and compliance monitoring for Auburn University’s unclassified research systems and programs. Serves as the principle advisor on all technical matters relating to the security posture of the information systems processing unclassified research information up to and including CUI and PHI . Under minimal supervision, serves as the principal cyber security manager ensuring that research programs meet and maintain a required level of security and any certifications in accordance with applicable framework, to include CMMC . The Manager position will coordinate the development of University cybersecurity standards, guidelines and procedures based on a recognized framework of best practices and in support of the Auburn University IT policies and procedures.

Essential Functions

The Research Technology Cybersecurity Manager will oversee the OVPRED security program to ensure compliance with federal security regulations, as well as contractual agreements regarding the protection of data up to and including controlled unclassified information ( CUI ) and protected health information ( PHI ). The manager will assist senior level administrators, faculty, staff and students with guidance and interpretation of federal government regulations and policies concerning CUI and PHI .

The Research Technology Cybersecurity Manager will develop, maintain, coordinate, and communicate policies, procedures, and practices governing the usage, maintenance, and security research information systems within the university. Partner with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with regulations.

This position is responsible for:
i.The preparation and maintenance of System Security Plans ( SSP ) to accurately reflect the installation and security provisions of the unclassified research information systems thereby assuring Auburn obtains and maintains CMMC certification.

ii.The development and maintenance of Plan of Action and Milestones ( POA &M) used to identify information system weaknesses, mitigating actions, resources, and timelines for corrective actions.

iii.Implementation of an effective information system security education, training, and awareness program to ensure compliance with government regulations.

iv.Conducting technical security control assessments and baseline validations to identify vulnerabilities and correct deficiencies as part of a continuous monitoring program.

v.Ensuring audit records are collected and analyzed in accordance with the System Security Plans.

vi.Assisting with the design of secure networks and determine best practice methods based on requirements.

Education Level Bachelor's degree from an accredited institution Field of Study

Business Administration, Management, Engineering, Computer Science, Information Technology, or a related field.

Years of Experience 5 Area of Experience

Experience developing, maintaining, and overseeing an information system security program and policies within a complex organization.

Requirements for Additional Job Levels
Education Level Field of Study Years of Experience When a candidate has the required education, but lacks the required experience, they may normally apply additional appropriate education toward the experience requirement, at a rate of one (1) year relevant education per year of required experience Area of Experience Requirements for Additional Job Levels
Minimum Skills and Abilities Minimum Technology Skills Minimum License and Certifications
Desired Qualifications

I. Experience developing, maintaining, and overseeing an information system security program and policies within a complex organization.

II. Familiarity with Cybersecurity Maturity Model Certification ( CMMC ) guidelines

III. Familiarity with HIPAA Security Rule and Privacy Rule guidelines

IV. Working knowledge of information system technology and cybersecurity principles to include vulnerability scanning, Security Information and Event Management ( SIEM ) tools and processes, network security principles, authentication and authorization, and incident response

V. Industry accepted information security-oriented certifications (Security+, SSCP, CISSP, etc.)

VI. Experience in the application of Risk Management Frameworks as described in National Institute of Standards and Technology ( NIST ) Special Publication (SP) 800-37, and NIST Security and Privacy Controls as described in SP 800-171 and SP 800-53a.

Salary Grade 37 Salary Range $68,700 - $114,500 Job Category Executive/Director/Management Working Hours if Non-Traditional List any hazardous conditions or physical demands required by this position Posting Date 08/13/2020 Closing Date EEO Statement

AUBURN UNIVERSITY IS AN AFFIRMATIVE ACTION / EQUAL OPPORTUNITY EMPLOYER . It is our policy to provide equal employment opportunities for all individuals without regard to race, sex, religion, color, national origin, age, disability, protected veteran status, genetic information, sexual orientation, gender identity, or any other classification protected by applicable law.

Special Instructions to Applicants

Please utilize the attachment feature at the online employment site to attach the following: cover letter, resume and contact information of at least three professional references. Only applicants who submit all the requested information will be considered for review.
Auburn residents overwhelmingly rate the city as a great place to live, work and raise children, but don’t just take their word for it. Forbes has consistently ranked Auburn on its lists for Best Places to Retire and Best Small Places for Business and Careers. Auburn City Schools have consistently been ranked among the top public school systems in the state and nation.
Auburn University is committed to providing a comprehensive employee benefits package that attracts and retains talent to further the University’s mission and contributes to the personal and financial well-being of employees and their families. Employee Benefits include: Health Insurance, Dental Insurance, Vision Care, Cancer Insurance, Life Insurance/Personal Accident Coverage, Disability Group & Supplemental Plans, Flexible Spending Account Plan, and Mandatory and Voluntary Retirement Plans, Auburn University Federal Credit Union, Bookstore Discounts, Tiger Perks discounts on dining, shopping and entertainment, Travel Assistance (Domestic and International), and Educational Improvements for Employees and Dependents.

Quick Link for Internal Postings Documents Needed to Apply
Required Documents
  1. Resume
  2. Cover Letter
Optional DocumentsSupplemental Questions

Required fields are indicated with an asterisk (*).

  1. How were you made aware of this opportunity?
    • AU Employment website
    • Employment websites (Indeed, HigherEd Jobs, etc.)
    • Veterans Assistance Services
    • Disability Assistance Services
    • Newspaper
    • Professional Journal
    • Listserv
    • HR email
    • Social Media
    • State Employment Service
    • Walk-in
    • Other
  2. Please select the answer that best describes your current employment relationship with Auburn University.
    • Not a current Auburn employee
    • Current Auburn employee in position less than one year
    • Current Auburn employee in position more than one year
  3. Do you have a Bachelor's degree or higher from an accredited institution in Business Administration, Management, Engineering, Computer Science, Information Technology, or a related field?
    • Yes
    • No
  4. How many years of experience do you have in this type of position?
    • 0-1
    • 1-3
    • 3-5
    • 5-7
    • 7+