As a member of the Office of the Vice President for Research & Economic Development (OVPRED), and working closely with the Office of Information Technology’s (OIT) Cybersecurity team, this position will be responsible for providing cybersecurity management of multiple programs including Controlled Unclassified Information (CUI) management, Cybersecurity Maturity Model Certification (CMMC), Research Electronic Data Capture System (REDCap), and Electronic Research Administration. The Research Technology Cybersecurity Manager will be responsible for the planning, engineering, development, implementation, and compliance monitoring for Auburn University’s unclassified research systems and programs. Serves as the principle advisor on all technical matters relating to the security posture of the information systems processing unclassified research information up to and including CUI and PHI. Under minimal supervision, serves as the principal cyber security manager ensuring that research programs meet and maintain a required level of security and any certifications in accordance with applicable framework, to include CMMC. The Manager position will coordinate the development of University cybersecurity standards, guidelines and procedures based on a recognized framework of best practices and in support of the Auburn University IT policies and procedures.
The Research Technology Cybersecurity Manager will oversee the OVPRED security program to ensure compliance with federal security regulations, as well as contractual agreements regarding the protection of data up to and including controlled unclassified information (CUI) and protected health information (PHI). The manager will assist senior level administrators, faculty, staff and students with guidance and interpretation of federal government regulations and policies concerning CUI and PHI.
The Research Technology Cybersecurity Manager will develop, maintain, coordinate, and communicate policies, procedures, and practices governing the usage, maintenance, and security research information systems within the university. Partner with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with regulations.
This position is responsible for:
i.The preparation and maintenance of System Security Plans (SSP) to accurately reflect the installation and security provisions of the unclassified research information systems thereby assuring Auburn obtains and maintains CMMC certification.
ii.The development and maintenance of Plan of Action and Milestones (POA&M) used to identify information system weaknesses, mitigating actions, resources, and timelines for corrective actions.
iii.Implementation of an effective information system security education, training, and awareness program to ensure compliance with government regulations.
iv.Conducting technical security control assessments and baseline validations to identify vulnerabilities and correct deficiencies as part of a continuous monitoring program.
v.Ensuring audit records are collected and analyzed in accordance with the System Security Plans.
vi.Assisting with the design of secure networks and determine best practice methods based on requirements.