Jobs UNIVERSITY OF COLORADO BOULDER

Vision:

• OIT will be valued by campus as a strategic, inclusive and innovative partner in advancing learning and discovery in order to enable CU Boulder to be an outstanding public university.

Mission:

• OIT enables campus priorities by providing high-value IT services and solutions.

Values:

• Trust, as a foundation for how we engage with one another and with campus partners, along with
• Curiosity in how to better support the campus and our partner’s while
• Encouraging empowerment and authentic engagement among ourselves and
• Celebrating a culture that promotes a sense of belonging while acknowledging that each person is unique and valued.

Strategy:

• OIT will advance learning and discovery by delivering high-value reliable IT services and solutions that:
• Provide a fluid and adaptable academic and student experience
• Enable research competitiveness and
• Deliver core infrastructure and enterprise IT services for business efficiency.

Strategic Research Enablement & Integration:

• Serve as a strategic integrator between researchers, compliance offices, and technical implementers, ensuring mutual understanding and alignment, effectuating cross-unit decision making and to help educate on the current infrastructure to guide future grant and research opportunities.
• Lead efforts to adopt and extend the Trusted CI Framework, grounding CU Boulder’s practices in evidence-based, researcher-driven cybersecurity solutions.
• Provide information security subject matter expertise informing planning efforts around classified environments.
• Through an IT Security lens, serve as a trusted partner, problem-solver, and proactive strategic advisor to faculty and research teams, championing adoption and communication, ensuring researchers, faculty and staff understand the tools, frameworks, and expectations for secure research.
• Promote a culture of compliance that values clarity, accountability, and thoughtful, leadership-supported risk management.
• Provide information security guidance for CU Boulder’s grant and contract review process to guide and facilitate alignment of supporting systems and platforms with business needs and security requirements.

Coordinate Systems and Service Evolution:

• Work in partnership with OIT and Research Computing service owners (e.g., CMMC compliant enclave, supercomputer, peta-scale storage, and secure computing environments) to identify gaps, prioritize enhancements, and promote adoption.
• Bring a technical understanding of system architecture and ITIL principles to translate compliance needs into actionable service roadmaps, without direct operational ownership.

Advance Research Cybersecurity and Risk Mitigation:

• Work proactively and collaboratively with Export Control, Ethics & Compliance, Contracts & Grants, and peers within the Office of Information Technology Security to sustain and enhance compliance with NIST 800-171, CMMC, DFARS, and other federal mandates impacting university researchers.

• Visa sponsorship is not available for this position.
• This position is in a hybrid work situation. This role will work on-campus to meet with researchers, provide consultation in labs, and assist with business needs, and will have the opportunity for some remote work as well.
• Due to the requirement to access export-controlled data and information, only U.S. citizens, lawful permanent residents (green cards), or other protected individuals (i.e., persons designated as an asylee, refugee, or a temporary resident under amnesty provisions) may apply.

The annual salary for this full-time position is $110,000 - $130,000.

• Bachelor’s degree (or equivalent experience) from an accredited institution in information technology, computer science, law or related field. A combination of education and/or experience as described below can be substituted for the degree on a year for year basis.
• 5+ years of experience in cybersecurity, research compliance, or risk management within higher education, government, or research settings.
• Demonstrated ability to collaborate across technical, administrative, and academic communities.
• Deep understanding of research data lifecycles, cybersecurity frameworks, and compliance standards.

• Ability to be a visibly involved leader with strong relationship skills, a reputation for visibility, integrity, and high ethical standards, who will rigorously uphold quality standards earning the trust of individuals within and outside the university.
• An open-minded and multi-dimensional approach to problem-solving.
• Ability to comprehend complex technical information in research proposals and agreements.
• Ability to organize work effectively, conceptualize and prioritize objectives, and exercise independent judgment based on an understanding of university policies and activities.
• Proficient interpersonal and communication skills demonstrated by effective interactions and clear articulation of organizational goals.
• Track record of establishing relationships quickly and effectively across a broad constituency; a high degree of ease, sensitivity, and flexibility in working with partners across organizational lines.
• Ability to bring parties with disparate views toward mutually beneficial outcomes.
• Demonstrated proficiency in communicating complex regulations and policies.
• Experience analyzing dynamic contracts, legal documents, and policies, including intellectual property.
• Ability to evaluate internal controls and understand organizational risk, implementing appropriate policies or procedures to ensure compliance.
• Passion for service excellence, including research and operational integrity.
• Ability to collect and analyze data, develop performance indicators and benchmarks, identify trends, and implement changes to achieve operational effectiveness.
• Solid understanding of higher education or research organization policies, practices and procedures, including reporting standard methodologies.

• PHD (or equivalent experience) in information technology, computer science, or a related subject area.
• Experience with federal research compliance regimes (e.g., Export Controls, FISMA, CMMC, IRB).
• Familiarity with ITIL and enterprise system architecture.
• Familiarity with the Trusted CI Framework.
• Demonstrated national-level presence within the research communities.
• Ability to acquire a US Government security clearance.