Senior Security Engineer

The University of Arizona Global Campus is seeking a highly skilled and experienced Senior Security Engineer to join our remote team. In this role, they will lead efforts to enhance and maintain the security of our information technology systems and infrastructure while also managing compliance with regulatory requirements and industry best practices. The Senior Security Engineer will collaborate closely with IT teams, compliance experts, and stakeholders to safeguard the university's digital assets and ensure adherence to IT compliance standards.

Candidates working anywhere in the U.S. may be considered for a remote assignment.

Outstanding UA benefits include health, dental, and vision insurance plans; life insurance and disability programs; paid vacation, sick leave, and holidays; UA/ASU/NAU tuition reduction for the employee and qualified family members; retirement plans; access to UA recreation and cultural activities; and more!

The University of Arizona has been recognized for our innovative work-life programs. For more information about working at the University of Arizona and relocations services, please click here.

Duties & Responsibilities

Information Security Management and Compliance

• Develop, implement, and maintain information security architectures and solutions to protect the UAGC's IT infrastructure.
• Evaluate and manage system security across the institution, including monitoring, documenting, and reporting changes to ensure compliance with HIPAA, FERPA, PCI, and other relevant regulations.
• Investigate and respond to potential security incidents, coordinating with relevant teams to mitigate risks and ensure timely resolution.
• Conduct, manage, and review regular vulnerability scans and logs, assigning remediation tasks and following up to completion.
• Monitor the external threat environment, advising relevant stakeholders on appropriate courses of action to mitigate risks.
• Ensure that information security concerns are integrated into the college's business strategies, requirements, and projects, supporting the alignment of IT initiatives with overall institutional goals.

Risk Assessment and Management

• Conduct comprehensive risk assessments and analyze business impacts and exposure based on emerging security threats, vulnerabilities, and risks.
• Develop and execute corrective action plans (CAP), ensuring alignment with the college's strategic goals and regulatory requirements.
• Provide continuous monitoring of the information security program, creating and updating CAPs and managing progress to completion as needed.
• Establish metrics and a reporting framework to measure the efficiency, effectiveness, and maturity level of the security program.
• Prepare and present detailed reports on the status of the information security program to senior leadership, including an annual enterprise risk assessment.

Collaboration and Stakeholder Engagement

• Serve as the primary information security liaison with the Information Security Office, the University Privacy Program Office, and other regulatory bodies.
• Collaborate with UITS ISO, the HIPAA Privacy Office, and other regulatory entities as the primary liaison during any actual or potential information security events.
• Act as a security expert in application development, database design, and network security, collaborating with teams to ensure security measures are integrated into all projects.
• Participate in the development of data management plans for researchers, ensuring information security and HIPAA compliance.
• Ensure effective communication and collaboration between UAGC's and relevant stakeholders on matters related to information security, compliance, and risk management.

Training and Awareness

• Develop and execute the security education and communication strategy for the UAGC's including advocating and enforcing participation in HIPAA Privacy and Information Security Awareness programs.
• Conduct regular training sessions for staff and faculty on information security, compliance, and risk management best practices.
• Advocate and enforce information security training activities for the HIPAA Privacy and Information Security Awareness programs.

Continuous Improvement and Innovation

• Research, design, and advocate for the adoption of new technologies that enhance UAGC's information security posture.
• Stay informed of current trends, news, and developments in information technology related to HIPAA compliance, vulnerabilities, security breaches, and malicious attacks.
• Periodically review UAGC's security control set, overseeing the introduction and implementation of new security tools and platforms as necessary.
• Prepare and maintain comprehensive documentation for all security-related activities, ensuring it meets regulatory requirements and is accessible to relevant stakeholders.
• Provide leadership and guidance on information security topics, including the development of business continuity and disaster recovery plans.

Knowledge, Skills, Abilities

• Strong knowledge of cybersecurity frameworks, standards, and regulatory requirements.
• Expertise in security architecture design and implementation.
• Proficiency in incident response, threat detection, and vulnerability management.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work both independently and collaboratively in a remote team environment.
• Knowledge of NIST, ISO 27001, HIPAA, FERPA, GDPR, and PCI-DSS.

• Bachelor's Degree AND Minimum of 8 years of relevant work experience.

OR

• Equivalent combination of education and work experience.

FLSA Exempt

Full Time/Part Time Full Time

Number of Hours Worked per Week 40

Job FTE 1.0

Work Calendar Fiscal

Job Category Information Technology

Benefits Eligible Yes - Full Benefits

Rate of Pay $99,901 - $129,871

Compensation Type salary at 1.0 full-time equivalency (FTE)

Grade 12

Compensation Guidance The Rate of Pay Field represents the University of Arizona's good faith and reasonable estimate of the range of possible compensation at the time of posting. The University considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, key skills, and internal equity.

The Grade Range represent a full range of career compensation growth over time. The university offers compensation growth opportunities within its career architecture. To learn more about compensation, please review our Applicant Compensation Guide and our Total Rewards Calculator.

The grade range for this position is $99,901-$159,847. Each unit typically sets starting pay between the minimum and midpoint upon hire as reflected in the Rate of Pay field above.

Career Stream and Level PC4

Job Family Information Security

Job Function Information Technology

Type of criminal background check required: Fingerprint criminal background check (security sensitive due to title or department)

Number of Vacancies 1

Target Hire Date

Expected End Date

Contact Information for Candidates uits-jobs@arizona.edu

Open Date 5/1/2025

Open Until Filled Yes

Documents Needed to Apply Resume and Cover Letter

Special Instructions to Applicant The application window is anticipated to close on 05/11/2025.

Notice of Availability of the Annual Security and Fire Safety Report In compliance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act), each year the University of Arizona releases an Annual Security Report (ASR) for each of the University's campuses.Thesereports disclose information including Clery crime statistics for the previous three calendar years and policies, procedures, and programs the University uses to keep students and employees safe, including how to report crimes or other emergencies and resources for crime victims. As a campus with residential housing facilities, the Main Campus ASR also includes a combined Annual Fire Safety report with information on fire statistics and fire safety systems, policies, and procedures.
Paper copies of the Reports can be obtained by contacting the University Compliance Office at cleryact@arizona.edu.