Overview
On Site
Full Time
Skills
FLSA
Recruiting
Information Security
SAP GRC
IT Program Management
Higher Education
Science
NIST SP 800 Series
HIPAA
Collaboration
Research
Legal
Data Security
SIPRNet
Cloud Computing
Communication
Documentation
FOCUS
Regulatory Compliance
Reporting
Management
Job Details
Title: Research Information Security Compliance Program Manager
Agency: VP DIGITAL TRANSFORMATION & TECHNOLOGY
Location: Norfolk, VA
FLSA: Exempt
Hiring Range:
Full Time or Part Time: Full Time
Additional Detail
Job Description:
The chief objective of the Research Information Security Compliance Program Manager is to oversee and coordinate research IT compliance across the university and manage a research security program. This position ensures that all research IT environments-including those handling Controlled Unclassified Information (CUI), compliance with CMMC, SIPRNet/Classified Cloud/MUSA, HIPAA, and NIH data-meet federal, sponsor, and institutional standards. The Program Manager leads efforts to manage regulatory requirements such as NSPM-33, the CHIPS and Science Act, and NIH data security plans, working collaboratively with research, compliance, and IT teams to maintain a secure and compliant research IT landscape. Activities are aligned with university security policies and will also inform the broader University Information Security Office Governance, Risk, and Compliance (GRC) program and risk register.
Minimum Qualifications:
Considerable knowledge of IT compliance or research IT program management, preferably in higher education or regulated research environments.
Demonstrated expertise with federal and sponsor research compliance frameworks, including but not limited to NSPM-33, CHIPS and Science Act, CMMC (Levels 1 & 2), NIST SP 800-171/53, HIPAA, and NIH data security requirements.
Strong understanding of CUI, classified/unclassified hybrid environments, and the management of regulated data within research IT systems.
Proven ability to collaborate effectively across departments, including research administration, IT, compliance, legal, and academic units.
Experience reviewing and managing Data Use Agreements (DUAs), Data Security Plans (DSPs), and related documentation.
Familiarity with SIPRNet, classified cloud, MUSA, and requirements for secure operation and compliance.
Excellent organizational, communication, and documentation skills, with a focus on regulatory evidence, risk tracking, and compliance reporting.
Ability to manage multiple projects and competing priorities in a complex, regulated environment.
Additional Considerations:
Agency: VP DIGITAL TRANSFORMATION & TECHNOLOGY
Location: Norfolk, VA
FLSA: Exempt
Hiring Range:
Full Time or Part Time: Full Time
Additional Detail
Job Description:
The chief objective of the Research Information Security Compliance Program Manager is to oversee and coordinate research IT compliance across the university and manage a research security program. This position ensures that all research IT environments-including those handling Controlled Unclassified Information (CUI), compliance with CMMC, SIPRNet/Classified Cloud/MUSA, HIPAA, and NIH data-meet federal, sponsor, and institutional standards. The Program Manager leads efforts to manage regulatory requirements such as NSPM-33, the CHIPS and Science Act, and NIH data security plans, working collaboratively with research, compliance, and IT teams to maintain a secure and compliant research IT landscape. Activities are aligned with university security policies and will also inform the broader University Information Security Office Governance, Risk, and Compliance (GRC) program and risk register.
Minimum Qualifications:
Considerable knowledge of IT compliance or research IT program management, preferably in higher education or regulated research environments.
Demonstrated expertise with federal and sponsor research compliance frameworks, including but not limited to NSPM-33, CHIPS and Science Act, CMMC (Levels 1 & 2), NIST SP 800-171/53, HIPAA, and NIH data security requirements.
Strong understanding of CUI, classified/unclassified hybrid environments, and the management of regulated data within research IT systems.
Proven ability to collaborate effectively across departments, including research administration, IT, compliance, legal, and academic units.
Experience reviewing and managing Data Use Agreements (DUAs), Data Security Plans (DSPs), and related documentation.
Familiarity with SIPRNet, classified cloud, MUSA, and requirements for secure operation and compliance.
Excellent organizational, communication, and documentation skills, with a focus on regulatory evidence, risk tracking, and compliance reporting.
Ability to manage multiple projects and competing priorities in a complex, regulated environment.
Additional Considerations:
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.