Director, Global Risk & Security - 24556BR
Director, Global Risk & Security
Director, Global Risk & Security
Department:
Global Operations
Location/Division:
University of Kansas Lawrence Campus
Work Location Assignment:
On-Site
Reg/Temp:
Regular
Employee Class:
U-Unclassified Professional Staff
Position Overview
The University of Kansas (KU) is the state’s flagship university, an R1 institution and member of the prestigious Association of American Universities (AAU). KU has five campuses including the Lawrence campus, the Edwards Campus in Overland Park, and an Academic Medical Center with branches in Kansas City, Wichita, and Salina. As a distinguished R1 research university, KU offers world-class research programs that advance the health sciences and attract national recognition.
Reporting to the Vice Chancellor for Audit, Risk & Compliance, the Director of Global Risk & Security provides strategic risk identification and assessment to prevent, reduce, or mitigate security and safety risks to university personnel, programs, physical and data assets, and other intellectual property. Specific focus for the position includes security, foreign influence, international travel, and insider threat risks associated with university domestic and international collaboration; sensitive research; and intellectual property protection. The director works collaboratively across the university and its affiliated entities to support the university’s operations while ensuring security standards and programs meet or exceed institutional and regulatory expectations. The incumbent will serve as a central resource and advisor to the chancellor, general counsel, chief risk officer, vice chancellors for research, and other senior leadership concerning security, investigations, and interpreting threat and risk information potentially impacting the university. They will work closely with the university’s empowered official(s) to develop and implement programs to ensure compliance with required protocols, regulations, and laws, including federally-mandated agency program requirements. And they will serve as university’s Insider Threat Program Senior Official (ITPSO) and the primary liaison official with federal law enforcement and security organizations on matters related to national security and export control.
Reporting to the Vice Chancellor for Audit, Risk & Compliance, the Director of Global Risk & Security provides strategic risk identification and assessment to prevent, reduce, or mitigate security and safety risks to university personnel, programs, physical and data assets, and other intellectual property. Specific focus for the position includes security, foreign influence, international travel, and insider threat risks associated with university domestic and international collaboration; sensitive research; and intellectual property protection. The director works collaboratively across the university and its affiliated entities to support the university’s operations while ensuring security standards and programs meet or exceed institutional and regulatory expectations. The incumbent will serve as a central resource and advisor to the chancellor, general counsel, chief risk officer, vice chancellors for research, and other senior leadership concerning security, investigations, and interpreting threat and risk information potentially impacting the university. They will work closely with the university’s empowered official(s) to develop and implement programs to ensure compliance with required protocols, regulations, and laws, including federally-mandated agency program requirements. And they will serve as university’s Insider Threat Program Senior Official (ITPSO) and the primary liaison official with federal law enforcement and security organizations on matters related to national security and export control.
Job Description
50% Global Risk Management & Security
- With the KU Lawrence Campus and KU Medical Center vice chancellors for research, provides leadership in KU’s efforts to address the certification requirement for research security programs in the Implementation Guidance for NSPM-33.
- Working together with the university’s offices of research, international affairs, compliance, and general counsel, facilitates international research and scholarly
- collaborations and activities in compliance with applicable laws, regulations, policies, and guidance (e.g. NSPM-33).
- Facilitates development and execution of comprehensive security plans to ensure classified, export control, insider threat, and controlled unclassified information is afforded proper protection per applicable government standards.
- Supervises the university’s export compliance officer and analyst positions responsible for export control oversight, including the development of training, education and assessment tools, and the implementation of policies and procedures to promote the university’s ongoing compliance with export control laws.
- Works with key risk management, compliance, and security-related functions across the university and its affiliated entities, including IT, information security, public safety, and facilities, to help ensure effective and consistent application of threat and risk assessment approaches for safety and security-related risks.
- Works with the university’s chief compliance officer and chief audit executive to help ensure the effectiveness of compliance programs supporting research security efforts and to assess ‘red flags’ identified in the course of restricted party screening activities.
- Works with HR professionals on all campuses to integrate compliance activities within business processes and to help manage complex employment activities.
- Provides senior leadership, administrators, faculty, staff, and students with guidance and interpretation of regulations, policies, and advisories concerning research security, export controls, and high-risk travel.
- Primary liaison officer with local, state, and federal governmental agencies concerning national security and export control matters.
- Maintains high standards of personal and professional ethics as well as effective working relationships with university administrators and operating personnel. Maintain confidentiality of security matters.
- Serves as the assigned Insider Threat Program Senior Official (ITPSO) for the KU and KUCR NISP in accordance with the NISPOM. Implements and monitors the insider threat program. Responds to and investigates program security infractions and violations. Reports security infractions and violations to the university executive security committee, other appropriate university officials, and government agencies.
- Works with the assigned Facility Security Officer (FSO) for the university in administration of the KU Center for Research’s National Industrial Security Program (NISP). Helps ensure compliance with all National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directive (ICD) and other counterintelligence (CI) & physical security requirements.
- Receives and maintains necessary clearances and training as required for ITPSO designation.
- Assists in the design of new or existing facilities to ensure the proper security equipment and protocols are included to support KU’s compliance with various state and federal requirements.
- Provides security training and recommendations to contractors and KU personnel to reduce risks that can negatively affect new or existing initiatives.
- Develops and executes technology control operational security plans designed to reduce risks to new or existing initiatives.
- Provides security and investigative support to detect, deter, and reduce risks on complex activities executed by OARC.
- Provides subject matter expertise training and presentations to other universities, state, and federal agencies.
- Participates and demonstrates leadership on security organizations designed to reduce risks to the academic community.
- Other duties as assigned.
Position Requirements
Travel: Less than 25%, in-state—primarily between KU Medical Center and Lawrence campuses
Key Competencies:
Key Competencies:
- Technical Competency: subject-matter expertise in security management and compliance, specifically as it relates to the management of the National Industrial Security Program. Strong understanding of EAR, ITAR and OFAC sanctions and regulations and their applicability to the higher education industry. Involvement in industry and professional associations. Ability to represent the Office of Audit, Risk & Compliance in multiple institutional situations.
- Risk-identification: the ability to identify and assess security risks to university personnel, physical and data assets, and intellectual property while navigating a decentralized control environment. Strong critical thinking and analytical skills to solve problems.
- Leadership Presence and Credibility: the ability to hold the room with senior leaders. Willingness to engage on difficult issues and hold other leaders accountable with transparency and fairness.
- Action Oriented: the ability and desire to act quickly to resolve issues and develop solutions.
- Communication: effective communication skills with internal clients, team members, peers, senior leaders, and government officials.
- Customer and Personal Service: dedication to providing high service levels to internal and external campus stakeholders.
- Utilizing Technology: understanding and expertise with the role technology plays in security management and compliance activities.
- Law and Government: knowledge of laws and the regulatory environment that influence higher education and KU.
- Management: the ability to manage individuals with differing backgrounds and experience with a passion for developing talent and fostering opportunity and growth and in a workplace culture that is inclusive and equitable.
Required Qualifications
- Master’s degree and five (5) years of experience related to research security or national security within a university, government agency, or similarly complex entity; OR bachelor’s degree and seven (7) years of related experience.
- Five (5) years of progressive leadership responsibility and supervisory experience.
- Experience investigating and analyzing threat information and developing comprehensive information security plans.
- Knowledge of government and contract research security policies, procedures, regulations, and legislation as evidenced by application material.
- U.S. citizenship and active TS/SCI security clearance secured within the first six months of hire.
Preferred Qualifications
- Experience as an Insider Threat Program Senior Official (ITPSO), Corporate Facility Security Officer (CFSO), or similar role performing classified leadership, vision strategy for a large government or government-associated agency, non-government organization, or research university.
- Demonstrated knowledge of the particular risk considerations of a large sponsored-research enterprise.
- Effective interpersonal skills and ability to build relationships and foster trust with a diverse range of stakeholders, including university leadership, faculty, staff, and scholars.
- Demonstrated ability to work independently or in a team setting, with diverse individuals.
- Effective verbal and written communication as evidence by application material and interview process.
Additional Candidate Instructions
In addition to the online application, the following documents are required to be considered for this position:
Application review begins Monday, March 27, 2023. For consideration apply no later than Friday, April 7, 2023.
- A cover letter addressing how required and preferred qualifications are met.
- Resume or curriculum vitae.
- Contact information for three professional references.
Application review begins Monday, March 27, 2023. For consideration apply no later than Friday, April 7, 2023.
Contact Information to Applicants
Advertised Salary Range
Starting at $150,000
Work Schedule
8:00 am to 5:00 pm, Mon-Fri
Application Review Begins
27-Mar-2023
Anticipated Start Date
01-May-2023