Information Security Compliance Analyst

Information Security Compliance Analyst

Hiring Department: Applied Research Laboratories

Position Open To: All Applicants

Weekly Scheduled

Hours:

40

FLSA Status: Exempt

Earliest

Start Date:

Immediately

Location: PICKLE RESEARCH CAMPUS

Scale ARL:

UT's compliance program to accommodate the growing and evolving needs of the organization and its many customers by supporting the Information Security Compliance Manager and Information System Security Managers in carrying out the review of Laboratory classified information systems.

• Ensure classified systems follow government and ARL regulations while meeting program demands and operating in an accredited state.
• Assist in daily IT governance, risk management, and compliance functions.
• Oversee compliance assurance for daily administration of information security measures in compliance with NISPOM, DAAPM/DAAG, JSIG, DISA, and other relevant system security requirements including RMF.
• Assist in ensuring that classified information systems meet RMF requirements for National Security computing environments as defined by NIST 800-series, DSCA Assessment and Authorization Process Manual, JSIG, and other governing bodies. Conduct continuous monitoring reviews and self‑assessments to ensure compliance.
• Update and maintain system‑level Plan of Action and Milestones (POA&M) through compliance checks, STIG and SCAP reviews, and Nessus scanning.
• Draft detailed reports of compliance and self‑inspection outcomes for upper management review.
• Perform other related functions as assigned.

• HS/GED.
• Seven years of related experience with a minimum of 2 years of relevant cybersecurity experience, including compliance assessment and planning through the STIG and POA&M process.
• Hold a current Security+ or IAM/IAT equivalent level certification.
• Two or more years of experience working with the RMF, DAAPM/DAAG, NISPOM, JSIG or other equivalent security frameworks.

• Bachelor's in Computer Science, Cyber Security, or related field.
• Previous experience as an Auditor, ISSO, ISSE, Security Architect, or Information Security Analyst.
• Held cybersecurity positions in classified DoD environments for more than four years.
• Four or more years of experience working with Linux environments.
• Eligibility for immediate access to classified information at the appropriate level.
• Experience with vulnerability/compliance scanning tools (ACAS/Nessus, Retina, MBSA, SCAP).
• Experience with implementation of STIG/SRG compliance configurations.

$67,128 - $88,914+/negotiable depending on qualifications

• Standard office conditions.
• Repetitive use of keyboard at a workstation.
• Manual dexterity required.
• Possible weekend, evening, and holiday work.
• Possible interstate/intrastate travel.

• 100% employer‑paid basic medical coverage.
• Retirement contributions.
• Paid vacation and sick time.
• Paid holidays.

• Resume/CV.
• Three work references with contact information; at least one from a supervisor.
• Letter of interest.

The University of Texas at Austin is an equal opportunity/affirmative action employer and complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions.