Cybersecurity GRC Analyst

Overview Job Posting Title: Cybersecurity GRC Analyst Department: Information Security Office Location: AUSTIN, TX (This position can be a completely remote opportunity within most of the United States) • Weekly Hours: 40 • FLSA Status: Exempt Purpose: The Cybersecurity GRC Analyst will focus on the development, maintenance, and execution of governance, risk, and compliance activities that support the university’s Controlled Research Program, including programs operating under NIST 800-171, DFARS, ITAR, and CMMC requirements. Responsibilities Support and maintain the university’s cybersecurity GRC program, focusing on research computing environments that handle Controlled Unclassified Information (CUI) or other regulated data. Coordinate and perform security assessments and risk evaluations of research systems and projects against applicable regulatory frameworks (e.g., NIST 800-171, CMMC, DFARS, ITAR). Collaborate with research IT, sponsored programs, legal, and research stakeholders to support secure and compliant research practices across the institution. Create, update, and cross-reference controls and documentation across multiple regulatory frameworks to support streamlined and unified GRC practices. Develop and maintain System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other required compliance documentation for research programs. Work with ISO staff to extend enterprise policies and GRC tooling to meet the specialized needs of controlled research. Provide consulting and support to researchers and administrators on CUI compliance requirements, secure system design, and data handling best practices. Track and manage identified compliance gaps and risks in alignment with risk management strategies and institutional priorities. Contribute to broader ISO GRC initiatives such as policy development, compliance reporting, and framework alignment activities. Stay up to date on emerging federal compliance regulations and frameworks related to controlled research and incorporate into institutional practices as appropriate. Perform other duties as assigned to support the ISO’s cybersecurity and compliance objectives. Qualifications Required: U.S. Citizen, resident, or officially recognized asylee. Applicant selected will be subject to government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position. Minimum of 3 years of experience in cybersecurity, audit, compliance, risk management, or GRC, with at least 1 year involving NIST 800-171, DFARS, CUI, or similar compliance frameworks. Familiarity with controlled research environments and compliance programs such as CMMC, ITAR, or FISMA. Solid understanding of information security principles, IT governance, and technical controls (access management, system hardening, auditing, data protection, etc.). Strong analytical, documentation, and project management skills. Excellent interpersonal and communication skills to interface with a diverse campus community including researchers, IT staff, and administrators. Demonstrated ability to work independently and collaboratively in a fast-paced, distributed team environment with strong written and verbal communication. Self-motivated to learn and share knowledge. Relevant education and experience may be substituted as appropriate. Preferred: Experience developing or maintaining SSPs/POA&Ms or other compliance documentation in research settings; experience with CMMC Level 2; familiarity with GRC platforms/tools (e.g., IsoraGRC); experience in academic or research institutions; knowledge of UT Austin policies and governance is a plus. Salary Salary Range: $125,000+ depending on qualifications. Working Conditions May work around standard office conditions. Repetitive use of a keyboard at a workstation. Use of manual dexterity. This position can be a completely remote opportunity (within most of the United States) and provides life/work balance with typically a 40-hour work week. Required Materials Resume/CV • 3 work references with their contact information (at least one reference from a supervisor) • Letter of interest. Equal Opportunity and Other Required Notices The University of Texas at Austin is an Equal Opportunity/ affirmative action employer. The university does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions. The university may require background checks and other employment eligibility verifications as part of the hiring process. Employment eligibility at UT Austin includes verification under E-Verify where applicable. The university is tobacco-free on campus. For more information, see the UT Austin Human Resources and Compliance pages. #J-18808-Ljbffr University of Texas