Senior Secure Research Systems Engineer

About The Position

Requirements

• Demonstrable implementation experience with NIST SP 800-171, NIST SP 800-53, FIPS 140- and DISA STIG
• Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field, or equivalent experience (HS diploma + extensive experience and certifications will be considered)
• 3+ years of professional experience working in highly secure compliant hybrid environments such as CUI, NIST, ITAR.
• 3+ years of experience infrastructure engineering, including computer, storage, AD, and virtualization technologies.
• 3+ years expert experience in the IAAS cloud service model (Azure, AWS, or Google Cloud) or hybrid environments.
• 5+ years of experience in server administration with Linux (Ubuntu, RedHat) and Windows.
• Demonstrable proficiency with scripting, automation and configuration management, using automation framework tools (e.g., Ansible, Terraform, Chef, Puppet, CloudFormation).
• Deep understanding of related networking concepts like SDNs, VRFs, DNS, switch, network routing, and access control methods (ACLs, firewalls, security policies) and IPSEC.
• Able to architect and fortify research endeavors expertly
• Excellent problem-solving skills and an ability to adapt to rapidly changing technologies
• Work on-site and well under pressure with crucial timelines and accountability
• Demonstrated ability to handle multiple tasks and projects simultaneously
• Excellent oral and written communication skills, with a demonstrated ability to translate complex technical concepts for non-technical audiences including investigators, faculty, and research staff
• Ability to collaborate with cross-functional teams to design and implement solutions
• Ability to communicate effectively with investigators and research teams — explaining compliance requirements, system constraints, and onboarding processes in accessible, non-technical terms
• Demonstrated proficiency in technical writing and the production of compliance artifacts, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and Technology Control Plans (TCPs)
• Equivalent combination of relevant education and experience may be substituted as appropriate.
• Must be authorized to work in the United States on a full-time basis for any employer without sponsorship.
• This position requires you to maintain internet service and a mobile phone with voice and data plans to be used when required for work.

Nice To Haves

• Articulate and collaborative with the ability to make things happen
• Comprehensive understanding and appreciation of leading-edge research and security requirements
• Security clearances may be needed for some work
• Professional certifications such as CISSP, CISM, GIAC, CEH, Security+, or Microsoft Certified: Security Operations Analyst.
• DevSecOps Cloud certifications such as Microsoft AZ-500, AZ-305, SC-100, AWS Security Specialty, or (ISC)² CCSP
• Experience with advanced troubleshooting tools (e.g., Splunk)
• VMWare experience (vSphere, VSAN, NSXT, vRealize/Aria and/or Tanzu)
• Experience with AWS Elastic Load Balancing (ALB, NLB), VPC networking, Route 53, and Azure Load Balancer, Application Gateway, Traffic Manager, and Virtual Networks (VNet)
• Experience with containerization (Docker, Kubernetes)
• Experience with Git version control systems and branching strategies
• Working knowledge of ITIL processes, specifically Incident Management, Change Management, Problem Management

Responsibilities

• Configure and maintain secure cloud infrastructure (GovCloud/GCC High), endpoint management, and SIEM tooling in alignment with CRSP-approved platform decisions.
• Coordinate with ISO to ensure security monitoring integrations — including log forwarding to ISO-managed platforms — are functional and maintained.
• Maintain a university wide infrastructure environment, associated resources, and provide support for research involving controlled unclassified information (CUI).
• Administer Linux and Windows servers, endpoints and other IT assets.
• Conduct security operations, monitor events, and respond to incidents across multiple enclaves.
• Design and maintain the technical implementation of security standards, policies, procedures and controls based on CUI best practices, compliance frameworks, and audit findings.
• Support processes to bring projects into compliance with Cybersecurity Maturity Model Compliance (CMMC) 2.0 requirements.
• Implement and enforce technical controls under NIST (SP) 800-171 or NIST (SP) 800-53 or FIPS 140-2 controls, including encryption, access controls, logging, and endpoint protection.
• Design and manage cryptographic mechanisms for data at rest, data in transit, digital signatures, and message integrity (HMAC, TLS, IPSEC).
• Provide artifacts for Department of Defense audits.
• Collaborate with restricted research teams (researchers, faculty and staff) to establish secure research computing and laboratory environments in compliance with federal CUI regulations.
• Partner with the CRSP Director and Deputy Director to manage POA&Ms, SSPs, and technical remediation planning.
• Document technical processes and collect required artifacts for CUI assessments.
• Engage in ongoing risk assessment across the college research environment and develop risk registers aligned to NIST controls.
• Evaluate new and existing technologies for compliance with information governance controls (e.g., access, authentication, encryption, logging, retention).
• Perform other related functions as assigned.

Benefits

• Competitive health benefits (Employee premiums covered at 100%, family premiums at 50%)
• Vision, Dental, Life, and Disability insurance options
• Paid vacation, sick leave, and holidays
• Teachers Retirement System of Texas (a defined benefit retirement plan)
• Additional Voluntary Retirement Programs: Tax Sheltered Annuity 403(b) and a Deferred Compensation program 457(b)
• Flexible spending account options for medical and childcare expenses
• Training and conference opportunities
• Tuition assistance
• Athletic ticket discounts
• Access to UT Austin's libraries and museums
• Free rides on all UT Shuttle and Capital metro buses with staff ID card