[Hiring] Cybersecurity GRC Analyst @University of Texas at Austin

Role Description

This position can be a completely remote opportunity (within most of the United States) and provides life/work balance with typically a 40-hour work week. Flexible work arrangements are available for this position along with a competitive salary and benefits (and an amazing opportunity to make an impact and do good across the planet).

The position resides within the Information Security Office (ISO) and plays a vital role in supporting the governance, risk, and compliance program—particularly in the area of controlled research and CUI (Controlled Unclassified Information) compliance.

• Support and maintain the university’s cybersecurity GRC program, focusing on research computing environments that handle Controlled Unclassified Information (CUI) or other regulated data.
• Coordinate and perform security assessments and risk evaluations of research systems and projects against applicable regulatory frameworks (e.g., NIST 800-171, CMMC, DFARS, ITAR).
• Collaborate with research IT, sponsored programs, legal, and research stakeholders to support secure and compliant research practices across the institution.
• Create, update, and cross-reference controls and documentation across multiple regulatory frameworks to support streamlined and unified GRC practices.
• Develop and maintain System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other required compliance documentation for research programs.
• Work with ISO staff to extend enterprise policies and GRC tooling to meet the specialized needs of controlled research.
• Provide consulting and support to researchers and administrators on CUI compliance requirements, secure system design, and data handling best practices.
• Track and manage identified compliance gaps and risks in alignment with risk management strategies and institutional priorities.
• Contribute to broader ISO GRC initiatives such as policy development, compliance reporting, and framework alignment activities.
• Stay up to date on emerging federal compliance regulations and frameworks related to controlled research and incorporate into institutional practices as appropriate.
• Perform other duties as assigned to support the ISO’s cybersecurity and compliance objectives.

Qualifications

• U.S. Citizen, resident, or officially recognized asylee.
• Minimum of 3 years of experience in cybersecurity, audit, compliance, risk management, or GRC, with at least 1 year involving NIST 800-171, DFARS, CUI, or similar compliance frameworks.
• Familiarity with controlled research environments and compliance programs such as CMMC, ITAR, or FISMA.
• Solid understanding of information security principles, IT governance, and technical controls (access management, system hardening, auditing, data protection, etc.).
• Strong analytical, documentation, and project management skills.
• Excellent interpersonal and communication skills to interface with a diverse campus community including researchers, IT staff, and administrators.
• Demonstrated ability to work independently and collaboratively in a fast-paced, distributed team environment.
• Strong synchronous and asynchronous communication skills.
• Self-motivated to learn and share knowledge.
• Relevant education and experience may be substituted as appropriate.

Requirements

• Experience developing or maintaining System Security Plans (SSPs), POA&Ms, or other compliance documentation in research settings.
• Experience with CMMC Level 2 compliance initiatives or pre-assessment support.
• Familiarity with GRC platforms and tools (e.g., IsoraGRC).
• Experience supporting academic or research institutions in regulated environments.
• Knowledge of UT Austin’s research infrastructure, policies, and governance (a plus but not required).

Benefits

• Competitive health benefits (employee premiums covered at 100%, family premiums at 50%).
• Voluntary Vision, Dental, Life, and Disability insurance options.
• Generous paid vacation, sick time, and holidays.
• Teachers Retirement System of Texas, a defined benefit retirement plan, with employer matching funds.
• Additional Voluntary Retirement Programs: Tax Sheltered Annuity 403(b) and a Deferred Compensation program 457(b).
• Flexible spending account options for medical and childcare expenses.
• Robust free training access through LinkedIn Learning plus professional conference opportunities.
• An exclusive incentive pay program.
• A great physical office space should you prefer to work from campus.
• Tuition assistance.
• Expansive employee discount program including athletic tickets.
• Free access to UT Austin's libraries and museums with staff ID card.
• Free rides on all UT Shuttle and Austin CapMetro buses with staff ID card.