Principal Research Security Architect

University of Kentucky

Equal Employment Opportunity/M/F/disability/protected veteran status.

• Job Title: Principal Research Security Architect
• Requisition Number: RE53295
• Working Title: Associate Director of Research Cyber Technology & Compliance
• Department Name: 40135:
  
  SECURE
• Work Location: Lexington, KY
• Grade Level: 51
• Salary Range: $93,/year
• Type of Position: Staff
• Position Time Status: Full-Time
• Required
  
  Education:
  
  MA
• Required Related
  
  Experience:
  
  10 yrs
• Required License/Registration/Certification: CISSP, CISM, CMMC Registered Practitioner (RP), or CRISC
• Physical Requirements: Sitting at computer for long periods of time, and repetitive motions.
• Shift: Monday-Friday; 8:00 a.m.
  
  - 5:00 p.m.
• Final date to receive applications: 03/17/2026

The University of Kentucky is establishing a new position to safeguard its expanding research computing infrastructure. As our research programs grow in scale and complexity, so do the regulatory demands surrounding our infrastructure. The Associate Director of Research Cyber Technology & Compliance will provide strategic leadership at the intersection of advanced data architecture, regulatory compliance, and cybersecurity. This role will lead the design of secure infrastructures for sensitive data, ranging from HIPAA‑regulated medical datasets to DOD data while ensuring strict adherence to federal standards including NIST 800‑171, NIST 800‑053, CMMC, and export controls.

• Audit & Framework Expertise: Demonstrated success in leading organizations through rigorous external audits, such as NYSE requirements, SOX, SOC 1 & 2, or extensive federal assessments.
• Academic & Medical Insight: Significant prior experience working within a university system, specifically with oversight of healthcare/medical data compliance (HIPAA) and academic security architecture.
• Enterprise Architecture: A strong background in security architecture (with a track record of designing and implementing complex enterprise projects—100+ projects preferred).
• Hybrid Compliance Fluency: The ability to navigate the nuance between NIST 800‑171/CMMC (defense research) and HIPAA (medical research).
• Multi-stakeholder Leadership: The ability to operate and interact with faculty and information systems, understanding the distinct cultures of both.

Does this position have supervisory responsibilities? Yes

Preferred Education/

Experience:

10+ years of experience in IT security, compliance, or research technology leadership.

We value the well‑being of each of our employees and are dedicated to creating a healthy place for everyone to work, learn and live. In the interest of maintaining a safe and healthy environment for our students, employees, patients and visitors, the University of Kentucky is a Tobacco & Drug Free campus. The University follows both the federal and state Constitutions as well as all applicable federal and state laws on nondiscrimination.

The University provides equal opportunities for qualified persons in all aspects of institutional operations and does not discriminate on the basis of race, color, national origin, ethnic origin, religion, creed, age, physical or mental disability, veteran status, uniformed service, political belief, sex, sexual orientation, gender identity, gender expression, pregnancy, marital status, genetic information or social or economic status. Any candidate offered a position may be required to pass pre‑employment screenings as mandated by University of Kentucky Human Resources.

These screenings may include a national background check and/or drug screen.

Required Documents:

Optional Documents:

Equal employment opportunity, including veterans and individuals with disabilities.

PI