A cover letter is required for consideration for this position and should be attached as the first page of your resume. Applications without cover letters will not be considered. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.
The University of Michigan Office of the Vice President for Research (OVPR) seeks a Research Information Security Manager to assist the Assistant Director, Research Information Security in supporting the Research Information Security Oversight (RISO) program. The RISO program encompasses compliance with the federal Controlled Unclassified Information (CUI) program and National Industrial Security Program (NISP). The position requires working knowledge of CUI, the National Industrial Security Program Operating Manual (NISPOM), applicable National Institute of Standards and Technology (NIST) compliance requirements, and the ability to effectively manage competing high priority tasks with minimal supervision.
This is a hybrid work environment involving one day per month in the office and the ability to engage in additional in-person events such as Defense Counterintelligence and Security Agency (DCSA) meetings, facility walk throughs, training, or other occurrences. The applicant would therefore optimally live within a reasonable commuting distance.
Key responsibilities include but are not limited to the following:
Research Information Security
In coordination with university units (Information & Infrastructure Assurance [IIA], Information Technology Services [ITS], Advanced Research Computing [ARC], Office of Sponsored Projects [ORSP]) and Schools/Colleges support a comprehensive program for research projects requiring information security controls, including compliance with CUI requirements in federal contracts.
In collaboration with ORSP review research agreements that include enhanced security requirement clauses to determine if they apply to the sponsored project.
Assist ORSP Project Representatives to get clarification from the sponsor and/or negotiate the contract clauses when necessary.
Work with the Principal Investigator (PI), school/college representatives, IIA, and unit IT to develop the appropriate security plan and provide ongoing management.
Maintain accurate records of all contract security reviews and related documentation.
Serve as a resource and liaison to faculty and administrators for the RISO program and other security compliance requirements.
In collaboration with compliance offices, conduct ongoing monitoring of sponsored programs to ensured continued compliance with security requirements.
Provide CUI and similar training to affected U-M personnel.
Monitor changes in CUI and similar security requirements affecting U-M training, policies, and procedures and take necessary action to keep them current.
Assist with the U-M planning effort to develop and deploy CUI services across the U-M research community.
Enter and maintain information in the Supplier Performance Risk System (SPRS) and similar sites as needed.
Maintain and manage applicable RISO program security records for U-M and affected personnel, affiliates, and subcontractors in accordance with CUI and other agency security requirements.
Draft documents to include business process guidelines, standard operating procedures, compliance assessments, self-inspections, approval letters, agendas, and correspondences.
Draft and implement RISO management plans and policies.
Maintain and update RISO websites.
Complete online and in-person security training as needed.
Travel and attend security conferences, seminars, and meetings as needed.
NISPOM
Execute security officer duties and responsibilities in the National Industrial Security System (NISS), Defense Information System for Security (DISS), National Background Investigation Services (NBIS), Secure Web Fingerprint Transmission (SWFT), and similar sites as necessary.
Initiate, review, approve and maintain U-M employee security clearance applications and subsequent adjudications.
Facilitate initial, recurring, and annual security trainings, briefings, debriefings, and indoctrinations of affected U-M personnel.
Act as the U-M counterintelligence and threat analyst to identify potential security threats, brief U-M Key Management Personnel (KMP), assist in threat mitigation efforts, and serve as the U-M primary point of contact with Federal counterintelligence and threat analysts.
Inform and coordinate U-M NISPOM status with the Facility Clearance Executive Committee (FCL-EC), Senior Management Official (SMO), and KMP
Manage classified materials in accordance with the NISPOM and through coordination with Federal agencies.
Facilitate the U-M Insider Threat Program (ITP) and Working Group (ITPWG).
Administer U-M NISPOM visit authorizations and classified meeting requirements.
Manage the U-M NISPOM foreign travel program.
Maintain required documentation, participate in, and conduct annual NISPOM self-inspections and resolve findings.
Prepare for, participate in, and respond to annual security reviews.
Facilitate establishment and operation of NISPOM open storage areas and sensitive compartmented information facilities (SCIF) as needed and in accordance with Federal standards and requirements.
Facility Security Officer Training and Certification
The incumbent will complete Facility Security Officer (FSO) and Insider Threat training and certification and act as a liaison between the University and the government to ensure the University's employees understand and comply with government security requirements to handle classified information.
Have or qualify for and maintain U.S. classified security clearance.
Working knowledge and experience with information security policies, controls, and practices.
Ability to analyze, interpret and explain complex statutes, regulations, policies, and the terms and conditions of grants, cooperative agreements, contracts, and subcontracts.
Bachelor's degree or equivalent combination of education and experience.
Outstanding attention to detail and excellent organizational skills.
Demonstrated ability to navigate complex web-based systems.
Experience handling highly sensitive information with a demonstrated ability to use sound judgment and diplomacy.
Strong working knowledge of applications such as Microsoft Word, Excel, Power Point, Google workspace and Adobe Creative Suite.
Ability to make sound decisions and employ effective problem-solving techniques.
Excellent interpersonal skills, including strong active listening skills, highly developed emotional intelligence, ability to work well as a team member, and a positive attitude.
Ability to work independently, prioritize work and multitask in a time sensitive, high volume work environment.
A commitment to personal and professional integrity, and a strong sense of accountability.
Several years of previous administrative and management experience.
Three or more years of previous NISPOM and CUI management experience.
Experience with university research, research compliance or administration.
Advanced degree
Successful completion of federal FSO training
Familiarity with the Cybersecurity Maturity Model Certification (CMMC) program
The University of Michigan conducts background checks on all job candidates upon acceptance of a contingent offer and may use a third party administrator to conduct background checks. Background checks are performed in compliance with the Fair Credit Reporting Act.
The University of Michigan is an equal opportunity/affirmative action employer.
A great university is made so by its faculty and staff, and Michigan is recognized as one of the best universities to work for in the country. The Michigan culture is known for engaging faculty and staff in all facets of the university to create a workplace that is vibrant and stimulating.For two consecutive years, the Chronicle of Higher Education has placed U-M in its "Great Colleges to Work For" survey. In particular, the university earns high marks for strong relations between faculty and administrators, a collaborative system of governance, strong pay and benefits, and a healthy work/life balance.