Data Security Analyst

Announcement

Details

Open Date
07/22/2025

Requisition Number
PRN42625B

Job Title
Data Security Analyst

Working Title
Data Security Analyst/Tech Support

Job Grade
F

FLSA Code
Computer Employee

Patient Sensitive Job Code?
No

Standard Hours per Week
40

Full Time or Part Time?
Full Time

Shift
Day

Work Schedule Summary

Monday-Friday; 8:30 am - 5:00 pm

VP Area
U of U Health - Academics

Department
02228 - Data Coordinating Center

Location
Campus

City
Salt Lake City, UT

Type of Recruitment
External Posting

Pay Rate Range
47600 to 84249

Close Date
10/22/2025

Priority Review Date (Note - Posting may close at any time)

Job Summary

The Utah Data Coordinating Center (DCC) is seeking a Data Security Analyst to help lead identity and access management (IAM) efforts across the DCC's research infrastructure, with a strong emphasis on a national-level data repository. Reporting to the IT Director, this role is responsible for designing, implementing, and maintaining IAM policies and controls that protect sensitive clinical research systems and data. The analyst will manage account lifecycle workflows, monitor access logs, and ensure alignment with federal cybersecurity frameworks such as NIST SP 800-53. In addition to technical responsibilities, this position will support audit readiness, provide training on secure access practices, and contribute to maturing the DCC's overall security posture. This is an opportunity to take a central role in modernizing access management practices and shaping a forward-looking IAM strategy within a high-impact research environment.

The University of Utah offers a comprehensive benefits package including:

• Excellent health care coverage at affordable rates
• 14.2% retirement contributions that vest immediately
• Generous paid leave time
• 11 paid Holidays
• 50% tuition reduction for employee, spouse, and dependent children
• Flex spending accounts
• Free transit on most UTA services
• Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel
• Professional development opportunities

Additional benefits information is available at ;/strong>

Work Environment and Level of Frequency typically required
Nearly Continuously: Office environment.
Physical Requirements and Level of Frequency that may be required
Nearly Continuously: Sitting, hearing, listening, talking.
Often: Repetitive hand motion (such as typing), walking.
Seldom: Bending, reaching overhead.

Responsibilities

As a Data Security Analyst, your responsibilities will include:

Identity and Access Management Operations

• Administer the full lifecycle of user accounts, including creation, modification, deactivation, and permission assignment.
• Implement and maintain IAM policies, roles, and access groups aligned with least-privilege and separation-of-duties principles.
• Configure and support multi-factor authentication (MFA) across systems and user groups.

Compliance, Auditing and Monitoring

• Monitor and audit access logs to detect anomalies or unauthorized access attempts.
• Conduct routine access reviews and role recertification campaigns.
• Support internal and external audits by maintaining documentation and evidence of access controls.
• Ensure IAM practices align with federal security frameworks such as NIST SP 800-53 and institutional policies.

Security Risk Management

• Conduct IAM-related risk assessments to identify and remediate access control vulnerabilities.
• Participate in incident response efforts related to identity misuse or authentication failures.
• Assist in enforcing data access standards for national or federated systems.

Stakeholder Support and Training

• Collaborate with IT, HR, research, and data management teams to implement IAM workflows that balance usability and security.
• Provide training and onboarding for end users and staff related to secure access practices and IAM policies.
• Contribute to IAM documentation and process guides for internal use and compliance.

Continuous Improvement

• Stay current with trends in IAM technologies, authentication protocols, and cloud-based access solutions.
• Evaluate and recommend tools to improve IAM scalability, automation, and monitoring capabilities.

Asset Management Support

• Support the IT asset management program by helping maintain accurate inventory of user-linked hardware and software assets.
• Assist with processes that connect device identity to user identity, ensuring alignment between account access and physical asset tracking.
• This responsibility complements identity and access management by reinforcing accountability, lifecycle oversight, and security posture across both digital and physical resources.

This job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.

Minimum Qualifications

Requires a bachelor's degree in area of specialty or equivalency (one year of education can be substituted for two years of related work experience) and 0-2 years of experience in the field or in a related area.

Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position description.

Preferences

We will give preference to candidates with the following qualifications:

• Experience in Identity and Access Management (IAM): Proven track record managing user identities, access rights, and authentication systems in a complex IT environment.
• Experience working in environments governed by NIST SP 800-53, including designing, implementing, and managing IAM controls in alignment with federal security and compliance requirements.
• Experience with National or Federated Data Systems: Familiarity with managing access and security for large-scale, multi-institutional data repositories such as NEMSIS or similar national-level projects.
• Strong Knowledge of IAM Tools and Technologies: Hands-on experience with IAM platforms (e.g., Okta, AWS IAM Identity Center, Entra ID) and protocols (e.g., SAML, OAuth, LDAP, SCIM)
• Experience implementing and managing Multi-Factor Authentication (MFA): Demonstrated ability to deploy and support MFA solutions to enhance account security.
• Proficiency in Access Auditing and Compliance Monitoring: Experience conducting access reviews, analyzing logs, and ensuring compliance with standards such as HIPAA.
• Strong Communication and Collaboration Skills: Ability to work cross-functionally with IT, HR, and security teams, and to provide training and support to end users on IAM policies and tools.

Applicants will be screened according to preferences.

Type
Benefited Staff

Special Instructions Summary

Additional Information

The University is a participating employer with Utah Retirement Systems ("URS"). Eligible new hires with prior URS service, may elect to enroll in URS if they make the election before they become eligible for retirement (usually the first day of work). Contact Human Resources at for information. Individuals who previously retired and are receiving monthly retirement benefits from URS are subject to URS' post-retirement rules and restrictions. Please contact Utah Retirement Systems at or or University Human Resource Management at if you have questions regarding the post-retirement rules.
This position may require the successful completion of a criminal background check and/or drug screen.

The University of Utah values candidates who have experience working in settings with students and patients from all backgrounds and possess a strong commitment to improving access to higher education and quality healthcare for historically underrepresented students and patients.

All qualified individuals are strongly encouraged to apply. Veterans' preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities.
The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran's status. The University does not discriminate on the basis of sex in the education program or activity that it operates, as required by Title IX and 34 CFR part 106. The requirement not to discriminate in education programs or activities extends to admission and employment. Inquiries about the application of Title IX and its regulations may be referred to the Title IX Coordinator, to the Department of Education, Office for Civil Rights, or both.
To request a reasonable accommodation for a disability or if you or someone you know has experienced discrimination or sexual misconduct including sexual harassment, you may contact the Director/Title IX Coordinator in the Office of Equal Opportunity and Affirmative Action (OEO/AA). More information, including the Director/Title IX Coordinator's office address, electronic mail address, and telephone number can be located at: ;br>Online reports may be submitted at oeo.utah.edu

This report includes statistics about criminal offenses, hate crimes, arrests and referrals for disciplinary action, and Violence Against Women Act offenses. They also provide information about safety and security-related services offered by the University of Utah. A paper copy can be obtained by request at the Department of Public Safety located at 1658 East 500 South.