Principal Research Security Architect

Job Title
Principal Research Security Architect

Requisition Number
RE53295

Working Title
Associate Director of Research Cyber Technology & Compliance

Department Name
40135:SECURE

Work Location
Lexington, KY

Grade Level
51

Salary Range
$93,954-159,744/year

Type of Position
Staff

Position Time Status
Full-Time

Required Education

MA

Click here for more information about equivalencies:
https://hr.uky.edu/employment/working-uk/equivalencies

Required Related Experience

10 yrs

Required License/Registration/Certification

CISSP, CISM, CMMC Registered Practitioner (RP), or CRISC.

Physical Requirements

Sitting at computer for long periods of time, and repetitive motions.

Shift

Monday-Friday; 8:00 a.m.- 5:00 p.m.

Job Summary

The University of Kentucky is establishing a new position to safeguard its expanding research computing infrastructure. As our research programs grow in scale and complexity, so do the regulatory demands surrounding our infrastructure. The Associate Director of Research Cyber Technology & Compliance will provide strategic leadership at the intersection of advanced data architecture, regulatory compliance, and cybersecurity. This role will lead the design of secure infrastructures for sensitive data, ranging from HIPAA-regulated medical datasets to DOD data while ensuring strict adherence to federal standards including NIST 800-171, NIST 800-053, CMMC, and export controls.

Skills / Knowledge / Abilities

Audit & Framework Expertise: Demonstrated success in leading organizations through rigorous external audits, such as NYSE requirements, SOX, SOC 1 & 2, or extensive federal assessments.

Academic & Medical Insight: Significant prior experience working within a university system, specifically with oversight of healthcare/medical data compliance (HIPAA) and academic security architecture.

Enterprise Architecture: A strong background in security architecture (with a track record of designing and implementing complex enterprise projects (100+ projects preferred).

Hybrid Compliance Fluency: The ability to navigate the nuance between NIST 800-171/CMMC (defense research) and HIPAA (medical research).

Multi-stakeholder Leadership: The ability to operate and interact with faculty and information systems, understanding the distinct cultures of both.

Does this position have supervisory responsibilities?
Yes

Preferred Education/Experience

10+ years of experience in IT security, compliance, or research technology leadership.

Deadline to Apply
03/17/2026

Our University Community

We value the well-being of each of our employees and are dedicated to creating a healthy place for everyone to work, learn and live. In the interest of maintaining a safe and healthy environment for our students, employees, patients and visitors, the University of Kentucky is a Tobacco & Drug Free campus.

The University follows both the federal and state Constitutions as well as all applicable federal and state laws on nondiscrimination. The University provides equal opportunities for qualified persons in all aspects of institutional operations and does not discriminate on the basis of race, color, national origin, ethnic origin, religion, creed, age, physical or mental disability, veteran status, uniformed service, political belief, sex, sexual orientation, gender identity, gender expression, pregnancy, marital status, genetic information or social or economic status.

Any candidate offered a position may be required to pass pre-employment screenings as mandated by University of Kentucky Human Resources. These screenings may include a national background check and/or drug screen.