"Data Security Analyst"

Data Security Analyst

The Data Security Analyst will play a critical role in advancing the University of Utah's research security and IT compliance posture. This position will lead the development, implementation, and continuous improvement of institutional cybersecurity policies and procedures aligned with federal frameworks such as CMMC, NIST 800-171, and Controlled Unclassified Information (CUI) requirements. The Analyst will ensure that IT administrators and research personnel understand and implement secure practices, and that institutional systems meet evolving compliance obligations. This role requires a strategic thinker with strong collaboration skills, technical understanding, and a commitment to fostering a culture of security and compliance across the university.

About the VPR

The Vice President for Research (VPR) Office at the University of Utah is a dynamic hub for innovation and discovery. As an R1 institution recognized for very high research activity, the University of Utah leads groundbreaking research that impacts both local and global communities. The VPR Office collaborates with researchers, drives interdisciplinary initiatives, and fosters a culture of discovery.

About the University of Utah

Located in Salt Lake City, the U is the flagship institution of the State of Utah's system of higher education, home to arts and museum venues and a member of the Big 12 Conference. Skiing and snowboarding opportunities are a short distance from campus, and opportunities to pursue activities from biking to hiking to fishing abound. Salt Lake City is home to the Utah Symphony and Opera, Ballet West, professional sports teams, and a wide range of other cultural and recreational activities.

Responsibilities

• Develop and maintain cybersecurity policies, procedures, and standards aligned with CMMC, NIST 800-171, FedRamp and other federal frameworks.
• Translate regulatory and contractual requirements into actionable internal controls and operational practices.
• Oversee implementation of policies across IT systems and research environments; conduct reviews and audits to ensure alignment.
• Identify and remediate compliance gaps in collaboration with IT and research teams.
• Review system security plans, data handling workflows, and access controls for compliance with CUI requirements.
• Provide training and outreach to institutional stakeholders on cybersecurity compliance obligations.
• Maintain documentation of compliance reviews, implementation evidence, and corrective actions.
• Support institutional initiatives related to research security, secure collaboration environments, and audit readiness.
• Stay current on federal cybersecurity regulations and participate in professional development.

This job description is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job. Work Environment and Level of Frequency typically required Nearly Continuously: Office environment.

Physical Requirements and Level of Frequency that may be required Nearly Continuously: Sitting, hearing, listening, talking. Often: Repetitive hand motion (such as typing), walking. Seldom: Bending, reaching overhead.

Minimum Qualifications

Requires a bachelor's degree in area of specialty, or equivalency (one year of education can be substituted for two years of related work experience); and 2-4 years of experience in the field or in a related area.

Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position description.

Preferences

• 3+ years of experience in cybersecurity compliance, research security, or IT governance.
• Experience with CMMC, NIST 800-171, DFARS, or similar frameworks.
• Familiarity with Controlled Unclassified Information (CUI) and federal research security requirements.
• Comprehensive understanding of State and Federal data security regulations and policies (e.g., NIST 800-171, NIST 800-53, ISO 2700 Rev2, FedRamp GDPR etc..) as well as expertise in the implementation of responsive compliance practices.

Special Instructions

Requisition Number: PRN42848B

Full Time or Part Time? Full Time

Work Schedule Summary: Monday - Friday (8am - 5pm)

Department: 00639 - VP for Research

Location: Campus

Pay Rate Range: $80,000 - $100,000

Close Date: 11/18/2026

Open Until Filled:

To apply, visit https://utah.peopleadmin.com/postings/187347