University Of Texas

Senior Secure Research Systems Engineer

Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience implementing NIST SP 800-171, SP 800-53, FIPS 140, and DISA STIG compliance standards.
  • Bachelor's degree in Computer Science, Engineering, Information Technology or equivalent experience.
  • 3+ years of experience in secure hybrid environments such as CUI, NIST, ITAR.
  • 3+ years of infrastructure engineering experience, including computer and virtualization technologies.
  • 5+ years of server administration expertise in Linux and Windows environments.

Responsibilities

  • Configure and maintain secure cloud infrastructure and SIEM tooling according to set compliance standards.
  • Administer and support a university-wide infrastructure environment for controlled unclassified information (CUI) research.
  • Conduct security operations and respond to incidents across multiple research environments.
  • Design security policies and controls based on compliance frameworks and best practices for CUI.
  • Collaborate with various stakeholders to establish compliant secure research environments.
  • Engage in risk assessments and maintain risk registers corresponding to NIST controls.

Benefits

  • Flexible work arrangements including remote work within the United States.
  • Life/work balance with a typical 40-hour work week and limited travel requirements.
  • Opportunities for professional growth in a higher education environment.
Full Job Description
Job Posting Title:
Senior Secure Research Systems Engineer
----

Hiring Department:
Enterprise Technology - Campus Solutions
----

Position Open To:
All Applicants
----

Weekly Scheduled Hours:
40
----

FLSA Status:
Exempt from FLSA
----

Earliest Start Date:
Immediately
----

Position Duration:
Expected to Continue
----

Location:
AUSTIN, TX
----

Job Details:

General Notes

Flexible work arrangements are available for this position, including the ability to work remotely within the United States. We would strongly prefer a candidate located in the greater Austin area as travel to campus for occasional in-person events, training, team meetings, activities, etc., will be required.

This position provides life/work balance with typically a 40-hour work week and travel limited to training (e.g., conferences/courses).

Purpose

The Senior Secure Research Systems Engineer will lead secure research computing initiatives at UT Austin across various projects, playing an essential role in the implementation, security, and maintenance of the university's Controlled Unclassified Information (CUI) research environment. This position demands proficiency in applying security engineering principles and countermeasures within federally regulated environments, encompassing both on-premises and cloud infrastructure. The engineer will work in collaboration with multiple infrastructure, networking, and security teams to design compliant technical architectures, enforce federal security controls, resolve issues, and support the university's research compliance objectives.

Responsibilities
Infrastructure Management & Endpoint Security:
  • Configure and maintain secure cloud infrastructure (GovCloud/GCC High), endpoint management, and SIEM tooling in alignment with CRSP-approved platform decisions. Coordinate with ISO to ensure security monitoring integrations - including log forwarding to ISO-managed platforms - are functional and maintained.
  • Maintain a university wide infrastructure environment, associated resources, and provide support for research involving controlled unclassified information (CUI).
  • Administer Linux and Windows servers, endpoints and other IT assets.
  • Conduct security operations, monitor events, and respond to incidents across multiple enclaves.


Security & Compliance Implementation:
  • Design and maintain the technical implementation of security standards, policies, procedures and controls based on CUI best practices, compliance frameworks, and audit findings.
  • Support processes to bring projects into compliance with Cybersecurity Maturity Model Compliance (CMMC) 2.0 requirements.
  • Implement and enforce technical controls under NIST (SP) 800-171 or NIST (SP) 800-53 or FIPS 140-2 controls, including encryption, access controls, logging, and endpoint protection.
  • Design and manage cryptographic mechanisms for data at rest, data in transit, digital signatures, and message integrity (HMAC, TLS, IPSEC).
  • Provide artifacts for Department of Defense audits.


Program Coordination:
  • Collaborate with restricted research teams (researchers, faculty and staff) to establish secure research computing and laboratory environments in compliance with federal CUI regulations.
  • Partner with the CRSP Director and Deputy Director to manage POA&Ms, SSPs, and technical remediation planning.
  • Document technical processes and collect required artifacts for CUI assessments.


Risk Assessment & Compliance Monitoring:
  • Engage in ongoing risk assessment across the college research environment and develop risk registers aligned to NIST controls.
  • Evaluate new and existing technologies for compliance with information governance controls (e.g., access, authentication, encryption, logging, retention).


Perform other related functions as assigned.

Required Qualifications
  • Demonstrable implementation experience with NIST SP 800-171, NIST SP 800-53, FIPS 140- and DISA STIG
  • Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field, or equivalent experience (HS diploma + extensive experience and certifications will be considered)
  • 3+ years of professional experience working in highly secure compliant hybrid environments such as CUI, NIST, ITAR.
  • 3+ years of experience infrastructure engineering, including computer, storage, AD, and virtualization technologies.
  • 3+ years expert experience in the IAAS cloud service model (Azure, AWS, or Google Cloud) or hybrid environments.
  • 5+ years of experience in server administration with Linux (Ubuntu, RedHat) and Windows.
  • Demonstrable proficiency with scripting, automation and configuration management, using automation framework tools (e.g., Ansible, Terraform, Chef, Puppet, CloudFormation).
  • Deep understanding of related networking concepts like SDNs, VRFs, DNS, switch, network routing, and access control methods (ACLs, firewalls, security policies) and IPSEC.
  • Able to architect and fortify research endeavors expertly
  • Excellent problem-solving skills and an ability to adapt to rapidly changing technologies
  • Work on-site and well under pressure with crucial timelines and accountability
  • Demonstrated ability to handle multiple tasks and projects simultaneously
  • Excellent oral and written communication skills, with a demonstrated ability to translate complex technical concepts for non-technical audiences including investigators, faculty, and research staff
  • Ability to collaborate with cross-functional teams to design and implement solutions
  • Ability to communicate effectively with investigators and research teams - explaining compliance requirements, system constraints, and onboarding processes in accessible, non-technical terms
  • Demonstrated proficiency in technical writing and the production of compliance artifacts, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and Technology Control Plans (TCPs)


Equivalent combination of relevant education and experience may be substituted as appropriate.

Preferred Qualifications
  • Articulate and collaborative with the ability to make things happen
  • Comprehensive understanding and appreciation of leading-edge research and security requirements
  • Security clearances may be needed for some work
  • Professional certifications such as CISSP, CISM, GIAC, CEH, Security+, or Microsoft Certified: Security Operations Analyst.
  • DevSecOps Cloud certifications such as Microsoft AZ-500, AZ-305, SC-100, AWS Security Specialty, or (ISC)² CCSP
  • Experience with advanced troubleshooting tools (e.g., Splunk)
  • VMWare experience (vSphere, VSAN, NSXT, vRealize/Aria and/or Tanzu)
  • Experience with AWS Elastic Load Balancing (ALB, NLB), VPC networking, Route 53, and Azure Load Balancer, Application Gateway, Traffic Manager, and Virtual Networks (VNet)
  • Experience with containerization (Docker, Kubernetes)
  • Experience with Git version control systems and branching strategies
  • Working knowledge of ITIL processes, specifically Incident Management, Change Management, Problem Management


Salary Range

$120,000 + depending on qualifications

Working Conditions
  • May work around standard office conditions
  • Repetitive use of a keyboard at a workstation
  • Use of manual dexterity
  • Work performed on concurrent multiple projects under pressure of rigid deadlines or time limitations


Work Shift

Monday - Friday, flexible between 7am-6pm; Occasional nights or weekends required on a pre-determined schedule

Required Materials
  • Resume/CV
  • 3 work references with their contact information; at least one reference should be from a supervisor
  • Letter of interest


Important for applicants who are NOT current university employees or contingent workers: You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure that ALL Required Materials have been uploaded. Once your job application has been submitted, you cannot make changes.

Important for Current university employees and contingent workers: As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log-in to Workday, navigate to your Worker Profile, click the Career link in the left hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled in to your application. The application is one page and you will be prompted to upload your resume. In addition, you must respond to the application questions presented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.

Employment Eligibility:
Regular staff who have been employed in their current position for the last six continuous months are eligible for openings being recruited for through University-Wide or Open Recruiting, to include both promotional opportunities and lateral transfers. Staff who are promotion/transfer eligible may apply for positions without supervisor approval.

Retirement Plan Eligibility:
The retirement plan for this position is Teacher Retirement System of Texas (TRS), subject to the position being at least 20 hours per week and at least 135 days in length.

Background Checks:

A criminal history background check will be required for finalist(s) under consideration for this position.

----

About University Of Texas

The University of Texas at Austin is a public research university located in Austin, Texas. It was founded in 1883 and is the flagship institution of the University of Texas System. The university offers over 170 undergraduate and graduate degree programs across 13 colleges and schools. It is known for its strong academic programs in business, engineering, law, and natural sciences. The university has a diverse student body and is committed to providing a high-quality education to all students. It has a strong research program and is a member of the Association of American Universities.
Learn more about University Of Texas
Size
24,000 employees
Industry
Founded
1881

Similar Jobs

More Jobs at University Of Texas

More Information Technology Jobs

Find similar Senior Secure Research Systems Engineer jobs: