• Information Security Architects

    University of Utah (Salt Lake City, UT)


    Details

     

    **Open Date** 11/13/2025

    **Requisition Number** PRN43583B

    **Job Title** Information Security Architects

    **Working Title** Information Security Architects

    **Career Progression Track** P00

    **Track Level** P4 - Advanced, P3 - Career, P2 - Developing

    **FLSA Code** Computer Employee

    **Patient Sensitive Job Code?** No

    **Standard Hours per Week** 40

    **Full Time or Part Time?** Full Time

    **Shift** Day

     

    Work Schedule Summary

     

    Full-time, 40 hours per week. Monday – Friday.

     

    Mostly remote work option available, with occasional on-campus meetings required at the University of Utah in Salt Lake City.

     

    This position may require occasional travel.

     

    **VP Area** U of U Health - Academics

    **Department** 02228 - Data Coordinating Center

    **Location** Campus

    **City** Salt Lake City, UT

    **Type of Recruitment** External Posting

    **Pay Rate Range** 61,599 to 123,274

    **Close Date** 02/13/2026

     

    Priority Review Date (Note - Posting may close at any time)

    Job Summary

    This position is in the Utah Data Coordinating Center. Join the Utah DCC where we harness the power of collaboration, to advance science, move society, and benefit humanity. We offer opportunities to work with high functioning, cutting-edge teams that study, understand, and improve multi-site research. Autonomy, creativity, and critical thinking skills are strongly encouraged.

     

    This Information Security Architect position is responsible for ensuring the secure operation of assigned information systems by implementing and maintaining a comprehensive risk management framework. This role involves developing security documentation, conducting continuous monitoring, and responding to incidents to protect systems and data from unauthorized access or compromise. It includes safeguarding sensitive information—such as personally identifiable data and blinded and unblinded study data—whose exposure could adversely affect organizational operations or compromise research. This position requires alignment with federal cybersecurity standards and policies, and close collaboration with internal stakeholders to ensure compliance and maintain a strong security posture across moderate-impact systems.

     

    The Utah DCC offers a career ladder for Information Security Architects and provides growth and professional development opportunities.

     

    To learn more about the Utah DCC visit**http://uofuhealth.org/UtahDCC**

     

    Work Environment and Level of Frequency typically required

     

    Often: Office environment

     

    Seldom: Outdoor environment, extreme cold, extreme heat, noise (there is sufficient noise to cause you to shout in order to be heard above the noise level), atmospheric conditions (conditions that affect the respiratory system, such as fumes, odors, dusts, mists, gases, or poor ventilation) and close quarters

     

    Physical Requirements and Level of Frequency that may be required

     

    Nearly continuously: Repetitive hand motion (such as typing), hearing, listening, talking, walking

     

    Often: Sitting, bending, twisting

     

    Seldom: Repetitive foot motion, climbing, kneeling, squatting, crawling, balancing, reaching overhead, pulling, pushing

    The University of Utah offers a comprehensive benefits package including:

    + Excellent**health care coverage**at affordable rates

    + **14.2% retirement contributions**that vest immediately

    + Generous**paid leave time**

    + **11 paid Holidays**

    + **50% tuition reduction**for employee, spouse, and dependent children

    + **Flex spending accounts**

    + **Free transit**on most UTA services

    + Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel

    + Professional development opportunities

     

    Learn more about the great benefits of working for University of Utah: benefits.utah.edu

     

    This is posted as open-rank and may be filled at any of the listed job levels.

    Responsibilities

    Design framework of the information systems security infrastructure, setting the vision for cybersecurity systems. Act as technical expert and assess potential systems and process vulnerabilities to determine security infrastructure requirements. Develop policies and procedures to prevent unauthorized access. Educate and communicate security requirements and procedures to users and new employees. Recommend and implement changes to enhance systems security and prevent unauthorized access. Research security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breach. Provide guidance and direction on best practices for the protection of information. Ensure compliance with regulations and privacy laws. May oversee internal or external systems security (e.g., cloud services).

    Essential Functions

    + **System Authorization & Documentation** : Guide systems through the Risk Management Framework ( RMF ) process to achieve and maintain Authorization to Operate ( ATO ). Develop and maintain security documentation including System Security Plans (SSPs), Contingency Plans (CPs), and Plans of Action and Milestones ( POA &Ms).

    + **Security Control Implementation** : Collaborate with technical teams to implement and manage security controls based on applicable standards and frameworks.

    + **Risk Management & Assessment** : Conduct regular risk assessments, evaluate security controls, and recommend mitigation strategies to protect the confidentiality, integrity, and availability of information systems.

    + **Continuous Monitoring** : Execute monitoring plans by reviewing system logs, conducting vulnerability scans, and tracking remediation efforts to maintain system security posture.

    + **Incident Response** : Detect, report, and respond to security incidents. Coordinate with response teams to contain threats and remediate breaches.

    + **Audit & Compliance Support** : Prepare documentation and artifacts to support internal and external audits. Ensure systems comply with relevant security policies, regulations, and standards.

    + **Policy Development & Training** : Assist in developing and updating security policies and procedures. Provide training and guidance to promote security awareness and best practices.

    + **Stakeholder Coordination** : Serve as the primary point of contact for security matters, collaborating with system owners, administrators, auditors, and other stakeholders to address compliance and drive security initiatives.

     

    The department may choose to hire at any of the below job levels and associated pay rates based on their business need and budget.

     

    Information Security Architect, II

     

    Requires moderate skill set and proficiency in discipline. Conduct work assignments of increasing complexity, under moderate supervision with some latitude for independent judgment.

     

    This is a Developing-level position in the General Professional track.

     

    I **nformation Security Architect, III**

     

    Considered highly skilled and proficient in discipline. Conduct complex, important work under minimal supervision and with wide latitude for independent judgment.

     

    This is a Career-Level position in the General Professional track.

     

    Information Security Architect, IV

     

    Recognized as subject matter expert and advanced individual contributor professional. Requires specialized skill set. Conduct highly complex work, unsupervised and with extensive latitude for independent judgment.

     

    This is an Expert-Level position in the General Professional track.

    Minimum Qualifications

    **EQUIVALENCY STATEMENT :** 1 year of higher education can be substituted for 1 year of directly related work experience (Example: bachelor’s degree = 4 years of directly related work experience).

    Department may hire employee at one of the following job levels:

    **Information Security Architect, II:** Requires a bachelor’s (or equivalency) + 4 years or a master’s (or equivalency) + 2 years of directly related work experience.

    **Information Security Architect, III :** Requires a bachelor’s (or equivalency) + 6 years or a master’s (or equivalency) + 4 years of directly related work experience.

    **Information Security Architect, IV:** Requires a bachelor’s (or equivalency) + 8 years or a master’s (or equivalency) + 6 years of directly related work experience.

     

    Preferences

     

    + Demonstrated experience applying the NIST Risk Management Framework ( RMF ) and implementing NIST SP 800-53 security controls.

    + Holds one or more relevant security certifications such as CISSP , CISM , Security+, or equivalent.

    + Proven ability to develop and maintain security documentation including System Security Plans (SSPs), POA &Ms, and ATO packages.

    + Skilled in conducting vulnerability assessments and using tools like Nessus or Qualys to identify and remediate risks.

    + Hands-on experience detecting, reporting, and responding to cybersecurity incidents.

    + Familiarity with preparing audit documentation and supporting compliance with federal cybersecurity standards.

    + Knowledge of securing cloud environments such as AWS , Azure, or Google Cloud Platform.

    + Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders.

    + Experience collaborating with cross-functional teams including system owners, administrators, and auditors.

    + Ability to develop security policies and deliver training to promote cybersecurity awareness and best practices.

     

    Applicants will be screened according to preferences.

     

    **Type** Benefited Staff

     

    Special Instructions Summary

     

    Additional Information

     

    _The University of Utah values candidates who have experience working in settings with students from diverse backgrounds and possess a strong commitment to improving access to higher education for historically underrepresented students._

     

    _Individuals from historically underrepresented groups, such as minorities, women, qualified persons with disabilities and protected veterans are encouraged to apply. Veterans’ preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities._

     

    _The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran’s status. The University does not discriminate on the basis of sex in the education program or activity that it operates, as required by Title IX and 34 CFR part 106. The requirement not to discriminate in education programs or activities extends to admission and employment. Inquiries about the application of Title IX and its regulations may be referred to the Title IX Coordinator, to the Department of Education, Office for Civil Rights, or both._

     

    _To request a reasonable accommodation for a disability or if you or someone you know has experienced discrimination or sexual misconduct including sexual harassment, you may contact the Director/Title IX Coordinator in the Office of Equal Opportunity and Affirmative Action:_

     

    _Director/ Title IX Coordinator_

     

    _Office of Equal Opportunity and Affirmative Action ( OEO /AA)_

     

    _383 University Street, Level 1 OEO Suite_

     

    _Salt Lake City, UT 84112_

     

    _801-581-8365_

     

    [email protected]_

     

    _Online reports may be submitted at_ **oeo.utah.edu**

    _For more information:_

    https://www.utah.edu/nondiscrimination/

    _To inquire about this posting, email:_

    [email protected]

     

    _or call 801-581-2300._

     

    _The University is a participating employer with Utah Retirement Systems (“URS”). Eligible new hires with prior URS service, may elect to enroll in URS if they make the election before they become eligible for retirement (usually the first day of work). Contact Human Resources at (801) 581-7447 for information. Individuals who previously retired and are receiving monthly retirement benefits from URS are subject to URS’ post-retirement rules and restrictions. Please contact Utah Retirement Systems at (801) 366-7770 or (800) 695-4877 or University Human Resource Management at (801) 581-7447 if you have questions regarding the post-retirement rules._

     

    _This position may require the successful completion of a criminal background check and/or drug screen._

     

    _https://safety.utah.edu/safetyreport This report includes statistics about criminal offenses, hate crimes, arrests and referrals for disciplinary action, and Violence Against Women Act offenses. They also provide information about safety and security-related services offered by the University of Utah. A paper copy can be obtained by request at the Department of Public Safety located at 1658 East 500 South._