Information Security Analyst

Job Summary

The Information Security Analyst is responsible for identifying information security risks, recommending appropriate controls, and promoting compliance with applicable regulatory and contractual requirements. This role supports the University's information security governance, risk, and compliance (GRC) efforts by collaborating with technical teams, auditors, and institutional stakeholders to assess controls, mitigate risk, and strengthen the overall security posture.

The successful candidate will apply sound judgment, strong analytical skills, and effective communication to support compliance initiatives, evaluate risk, and contribute to a culture of security awareness and continuous improvement.

Minimum Education and Experience

Bachelor's degree in computer science, information management, or other relevant field. One (1) year of general work experience in any field. An equivalent combination of education and experience may be considered.

Preferred Education and Experience

Preferred Education and Experience

• Advanced degree in Computer Science, Information Management, Business Administration, Engineering, Education, Library Science, or another relevant field.
• One to three years of relevant experience designing, implementing, and/or auditing information security programs, demonstrating a strong understanding of information security processes, technologies, and best practices
• Experience working in a higher education environment in a role accountable for system security
• Hands-on experience with governance, risk, and compliance (GRC) tools and technologies, such as HECVAT, BitSight, and LogicGate

Other Qualifications

To the extent this position requires the holder to research, work on, or have access to critical infrastructure as defined in Section of the Texas Business and Commerce Code, the ability to maintain the security or integrity of the critical infrastructure is a minimum qualification to be hired and to continue to be employed in the position.

Essential Duties and Responsibilities

Essential Duties

• Generate metrics and reports to convey the status of information security compliance and risks to stakeholders, including but not limited to University leadership, UT System Administration, Texas Department of Information Resources, and insurance providers
• Work closely with OIT, Internal Audit, and schools and departments to understand, assess, and develop plans for achieving compliance and mitigating risk across all aspects of the operational environment
• Support the successful outcome of projects
• Maintain accurate documentation of ISO systems and processes
• Demonstrate understanding of security technologies including, but not limited to, traffic analysis, anti-malware endpoint protection, intrusion detection systems, intrusion prevention systems, and firewalls
• Demonstrate the ability and willingness to learn to keep up with industry trends and best practices
• Maintain the highest levels of ethics and integrity while performing duties, representing ISO and UTD, and handling University data
• Communicate and collaborate effectively with all teammates and stakeholders in written and verbal formats
• Demonstrate professionalism, dependability, and responsibility if approved to work remotely
• Perform other duties as assigned

GRC Role-Specific Duties

• Contribute to information security policies, standards, procedures, and guidelines
• Review exemption requests including compensating controls and tracking of recommendations and expiration
• Contribute to classification of information assets
• Assess compliance with regulations including, but not limited to, Texas Administrative Code 202 (TAC 202), Texas Medical Records Privacy Act, Texas Public Information Act (TPIA), Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act (HIPAA), FBI's Criminal Justice Information Services (CJIS), GDPR, Gramm–Leach–Bliley Act (GLBA), Digital Millennium Copyright Act (DMCA), and TX-RAMP.
• Understand and perform risk assessments using framework such as NIST 800-53, NIST , University of Texas System 165 (UTS 165), Payment Card Industry Data Security Standard (PCI DSS), Cybersecurity Maturity Model Certification (CMMC), and Higher Education Community Vendor Assessment Toolkit (HECVAT)
• Assess compliance and risks associated with the research enterprise including regulatory and contractual requirements
• Perform evaluation of third-party vendors and cloud-based applications to advise on risks to the University
• Develop responses to risk questionnaires, for example, for obtaining cyber liability insurance or informing Compliance team via quarterly updates

Physical Demands and Working Conditions Physical Activities Working Conditions Additional Information

Please note that visa sponsorship is not available for this role. Must be a U.S. Citizen or Lawful Permanent Resident to meet USCIS eligibility requirements.

Remote Work Notice

A hybrid remote work schedule may be available, with a requirement of at least two days per week in the office. Employees must be located within the Dallas/Fort Worth Metroplex area and have the ability to be on campus for work activities as scheduled and/or with 24-hour notice. Completion and approval of a UT Dallas Remote Work Agreement will be required upon employment, and use of personal computer, internet, and other standard equipment may be required. Remote work arrangements are subject to regular review and re-approval and may be canceled at any time.

What We Can Offer

UT Dallas is an Equal Opportunity Employer. We offer an employee-friendly work environment with a comprehensive benefit package including:

Competitive Salary

Tuition Benefits

Internal Training

Medical insurance – including 100% paid employee medical coverage for full-time employees

Dental Insurance

Vision Insurance

Long and short-term disability

Retirement Plan Options

Paid time off

Paid Holidays

All UT Dallas employees have access to various professional development opportunities, including a membership to Academic Impressions, LinkedIn Learning, and UT Dallas Bright Leaders Program.

Visit for more information.

Special Instructions Summary Important Message

1) All employees serve as a representative of the University and are expected to display respect, civility, professional courtesy, consideration of others and discretion in all interactions with members of the UT Dallas community and the general public.

2) The University of Texas at Dallas is committed to providing an educational, living, and working environment that is welcoming, respectful, and inclusive of all members of the university community. UT Dallas does not discriminate on the basis of race, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, age, national origin, disability, genetic information, or veteran status in its services, programs, activities, employment, and education, including in admission and enrollment. The University is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities. To request reasonable accommodation in the employment application and interview process, contact the ADA Coordinator. For inquiries regarding nondiscrimination policies, contact the Title IX Coordinator.