Director of Research Information Security Strategy

Department:

Information Security Administration

-----

Information Security Engineering and Operations

Position Title:

Director of Research Information Security Strategy

Job Family Group:

Professional Staff

Job Description Summary:

The Director of Research Information Security Strategfy reports to the Chief Information Security Officer, while collaborating closely with IT Governance and Research Leadership to ensure project milestones are appropriately prioritized and met.

The Director provides strategic leadership in aligning research technology initiatives with the university’s broader information security and risk management goals. This position acts as a key advisor and liaison between research teams and IT services (KITS), ensuring that all technology integration solutions are both compliant and supportive of the university's research mission. The Director will drive initiatives to enhance research-related cybersecurity and risk governance, while also facilitating clear communication between technical teams and researchers. This role requires a professional with a deep understanding of both IT infrastructure and information security principles, coupled with excellent communication and relationship-building skills. This individual will work closely with researchers to understand their unique needs, translate those needs into technical requirements, and collaborate with the KITS teams to develop solutions that are secure, compliant, and effective.

This position requires being on-site three or more days a week and does not have any direct reports.

Job Description:

Job Responsibilities:

Consultation & Communication:

• Engage with university researchers to understand their specific technology onboarding needs including the IT and IS needs for deployment.
• Clearly and effectively communicate the technical and security needs of emerging researcher technologies to KITS teams
• Act as a primary contact of communication with technology vendors to collect all necessary documentation to support a full, robust risk analysis and integration discussion with the Information Security, Systems Integration, Software Support, Hardware Support, Customer Support, Networking, and other KITS teams as needed.
• Work directly with vendors to describe any technology limitations that may emerge from the proposed integration solution.
• Serve as the primary point of contact between researchers and KITS teams for projects, ensuring both sides are aligned on expectations and requirements.
• Coordinate with Enterprise Project Management as needed to ensure project alignment.

Solution Development & Implementation:

• Collaborate with KITS teams to design and implement solutions that meet the researchers' needs while adhering to regulations, state and university policies, industry best practices, and compliance requirements.
• Evaluate existing IT and security solutions and propose enhancements or alternatives that better align with the needs of the research community.
• Drive technology deployment solutions to completion addressing challenges timely which would otherwise lead to a failure of deployment.

Translation of Technical Solutions:

• Translate complex IT and security solutions into language that is understandable for non-technical individuals.
• Ensure researchers are fully aware of any limitations, boundaries, or requirements associated with the implemented solutions.

Relationship Building & Management:

• Foster strong, positive relationships with researchers and KITS personnel
• Act as a trusted advisor and advocate for researchers within the KITS teams.
• Facilitate open lines of communication to ensure ongoing alignment and satisfaction among all stakeholders.

Training & Support:

• Provide ongoing training and support to researchers on the use of IT systems which support compliant and desirable solutions.
• Develop and deliver workshops or informational sessions tailored to the research community’s needs.
• Responsible for coordinating rounding tours with researchers for routine technology health checks, documenting findings and working with KITS teams to appropriately route workstreams for follow up and implementation.

Compliance & Risk Management:

• Ensure that all IT solutions comply with policies, as well as applicable regulatory and legal requirements including data security and retention policies.
• Assist researchers in understanding and adhering to information security protocols to protect sensitive data and research outputs.  This may require developing or implementing strategies which are responsive to a variety of types of data and policy standards.

Continuous Improvement:

• Gather feedback from researchers on the effectiveness of IT and security solutions, and work with KITS teams to make necessary adjustments
• Stay up to date with the latest trends and advancements in IT and IS, particularly as they relate to academic research.
• Stay up to date with emerging technologies across the life science research domains.
• Participate in the development of a long-term security roadmap for research-related IT systems.

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. It is only a summary of the typical functions of the job, not an exhaustive list of all possible job responsibilities, tasks, duties, and assignments. Furthermore, job duties, responsibilities and activities may change at any time with or without notice. 

Required Qualifications:

Education:

• Bachelor’s degree in information technology, computer science, or a related field OR bachelor’s degree in biology or related science with lab experience and demonstrated knowledge of computer science or information technology

Work Experience:

• 10+ years of combined experience in information technology (IT), information security (IS) and highly technical research laboratory roles
• Background in IT infrastructure and information security, with a focus on compliance, risk management, or technology integration
• Proven experience in project management and cross-functional multidisciplinary collaboration
• Experience with IS Risk Management (ISRM)
• 3+ years in a leadership role within research or IT disciplines
• Experience leading cross-functional teams, driving strategic initiatives.
• Experience managing multiple projects with varying timelines, stakeholders, and information streams simultaneously.

Preferred Qualifications:

Education:

• Master’s degree in information technology, computer science, or other scientific field
• ITIL, PMP, Security+, CISA, SSCP, CISSP, CISM, CRISC or other relevant certifications

Work Experience:

• 3+ years in an academic research environment
• Proven track record of deploying various types of research technologies in a secure, compliant fashion.
• Experience with relevant regulations and standards (e.g., NIST 800-53 & 171, HIPAA, NSPM-33)
• Research laboratory experience including primary data collection, analysis, sharing and dissemination including high performance computing across a variety of technology platforms.
• Experience using with research methodologies, data analysis tools, and laboratory information management systems (LIMS)

Skills:

• Problem solving and organizational skills.
• Interpersonal and communication skills.
• Time and project management skills.

Required Documents:

• Resume/CV
• Cover Letter

If selected as a final candidate for this position, you may be required to complete the Association of American of Universities Representations and Warranties document and sign a release of records that will allow the University of Kansas Medical Center to conduct a further background check with former employers.  A copy of the Representations and Warranties document can be found here.

Comprehensive Benefits Package:

Coverage begins on day one for health, dental, and vision insurance and includes health expense accounts with generous employer contributions if the employee participates in a qualifying health plan. Employer-paid life insurance, long-term disability insurance, and various additional voluntary insurance plans are available. Paid time off, including vacation and sick, begins accruing upon hire, plus ten paid holidays. One paid discretionary day is available after six months of employment, and paid time off for bereavement, jury duty, military service, and parental leave is available after 12 months of employment. A retirement program with a generous employer contribution and additional voluntary retirement programs (457 or 403b) are available. https://www.kumc.edu/human-resources/benefits.html

Employee Type:

Regular

Time Type:

Full time

Rate Type:

Salary

Compensation Statement:

The pay range listed for this position is determined by our compensation program using market data and salary benchmarking. A combination of factors is considered in making compensation decisions including, but not limited to, education, experience and training, qualifications relative to the requirements of the position, and funding. At the University of Kansas Medical Center, a reasonable estimate for the starting pay range will be the minimum to midpoint of the posted range, taking into account the combination of factors listed above. 

Pay Range:

$96,000.00 - $152,000.00

Minimum

$96,000.00

Midpoint

$124,000.00

Maximum

$152,000.00