Utah Staffing
Data Security Analyst
The Utah Data Coordinating Center (DCC) is seeking a Data Security Analyst to help lead identity and access management (IAM) efforts across the DCC's research infrastructure, with a strong emphasis on a national-level data repository. Reporting to the IT Director, this role is responsible for designing, implementing, and maintaining IAM policies and controls that protect sensitive clinical research systems and data. The analyst will manage account lifecycle workflows, monitor access logs, and ensure alignment with federal cybersecurity frameworks such as NIST SP 800-53. In addition to technical responsibilities, this position will support audit readiness, provide training on secure access practices, and contribute to maturing the DCC's overall security posture. This is an opportunity to take a central role in modernizing access management practices and shaping a forward-looking IAM strategy within a high-impact research environment. The University of Utah offers a comprehensive benefits package including: Excellent health care coverage at affordable rates 14.2% retirement contributions that vest immediately Generous paid leave time 11 paid holidays 50% tuition reduction for employee, spouse, and dependent children Flex spending accounts Free transit on most UTA services Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel Professional development opportunities Additional benefits information is available at www.hr.utah.edu/benefits. Work Environment and Level of Frequency Typically Required: Nearly continuously: Office environment Nearly continuously: Sitting, hearing, listening, talking Often: Repetitive hand motion (such as typing), walking Seldom: Bending, reaching overhead Responsibilities: Identity and Access Management Operations: Administer the full lifecycle of user accounts, including creation, modification, deactivation, and permission assignment. Implement and maintain IAM policies, roles, and access groups aligned with least-privilege and separation-of-duties principles. Configure and support multi-factor authentication (MFA) across systems and user groups. Compliance, Auditing and Monitoring: Monitor and audit access logs to detect anomalies or unauthorized access attempts. Conduct routine access reviews and role recertification campaigns. Support internal and external audits by maintaining documentation and evidence of access controls. Ensure IAM practices align with federal security frameworks such as NIST SP 800-53 and institutional policies. Security Risk Management: Conduct IAM-related risk assessments to identify and remediate access control vulnerabilities. Participate in incident response efforts related to identity misuse or authentication failures. Assist in enforcing data access standards for national or federated systems. Stakeholder Support and Training: Collaborate with IT, HR, research, and data management teams to implement IAM workflows that balance usability and security. Provide training and onboarding for end users and staff related to secure access practices and IAM policies. Contribute to IAM documentation and process guides for internal use and compliance. Continuous Improvement: Stay current with trends in IAM technologies, authentication protocols, and cloud-based access solutions. Evaluate and recommend tools to improve IAM scalability, automation, and monitoring capabilities. Asset Management Support: Support the IT asset management program by helping maintain accurate inventory of user-linked hardware and software assets. Assist with processes that connect device identity to user identity, ensuring alignment between account access and physical asset tracking. This responsibility complements identity and access management by reinforcing accountability, lifecycle oversight, and security posture across both digital and physical resources. Minimum Qualifications: Requires a bachelor's degree in area of specialty or equivalency (one year of education can be substituted for two years of related work experience) and 0-2 years of experience in the field or in a related area. Preferences: We will give preference to candidates with the following qualifications: Experience in Identity and Access Management (IAM): Proven track record managing user identities, access rights, and authentication systems in a complex IT environment. Experience working in environments governed by NIST SP 800-53, including designing, implementing, and managing IAM controls in alignment with federal security and compliance requirements. Experience with National or Federated Data Systems: Familiarity with managing access and security for large-scale, multi-institutional data repositories such as NEMSIS or similar national-level projects. Strong Knowledge of IAM Tools and Technologies: Hands-on experience with IAM platforms (e.g., Okta, AWS IAM Identity Center, Entra ID) and protocols (e.g., SAML, OAuth, LDAP, SCIM). Experience implementing and managing Multi-Factor Authentication (MFA): Demonstrated ability to deploy and support MFA solutions to enhance account security. Proficiency in Access Auditing and Compliance Monitoring: Experience conducting access reviews, analyzing logs, and ensuring compliance with standards such as HIPAA. Strong Communication and Collaboration Skills: Ability to work cross-functionally with IT, HR, and security teams, and to provide training and support to end users on IAM policies and tools. Applicants will be screened according to preferences. Type: Benefited Staff Special Instructions Summary: This position may require the successful completion of a criminal background check and/or drug screen. The University of Utah values candidates who have experience working in settings with students and patients from all backgrounds and possess a strong commitment to improving access to higher education and quality healthcare for historically underrepresented students and patients. All qualified individuals are strongly encouraged to apply. Veterans' preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities. The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran's status.
The Utah Data Coordinating Center (DCC) is seeking a Data Security Analyst to help lead identity and access management (IAM) efforts across the DCC's research infrastructure, with a strong emphasis on a national-level data repository. Reporting to the IT Director, this role is responsible for designing, implementing, and maintaining IAM policies and controls that protect sensitive clinical research systems and data. The analyst will manage account lifecycle workflows, monitor access logs, and ensure alignment with federal cybersecurity frameworks such as NIST SP 800-53. In addition to technical responsibilities, this position will support audit readiness, provide training on secure access practices, and contribute to maturing the DCC's overall security posture. This is an opportunity to take a central role in modernizing access management practices and shaping a forward-looking IAM strategy within a high-impact research environment. The University of Utah offers a comprehensive benefits package including: Excellent health care coverage at affordable rates 14.2% retirement contributions that vest immediately Generous paid leave time 11 paid holidays 50% tuition reduction for employee, spouse, and dependent children Flex spending accounts Free transit on most UTA services Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel Professional development opportunities Additional benefits information is available at www.hr.utah.edu/benefits. Work Environment and Level of Frequency Typically Required: Nearly continuously: Office environment Nearly continuously: Sitting, hearing, listening, talking Often: Repetitive hand motion (such as typing), walking Seldom: Bending, reaching overhead Responsibilities: Identity and Access Management Operations: Administer the full lifecycle of user accounts, including creation, modification, deactivation, and permission assignment. Implement and maintain IAM policies, roles, and access groups aligned with least-privilege and separation-of-duties principles. Configure and support multi-factor authentication (MFA) across systems and user groups. Compliance, Auditing and Monitoring: Monitor and audit access logs to detect anomalies or unauthorized access attempts. Conduct routine access reviews and role recertification campaigns. Support internal and external audits by maintaining documentation and evidence of access controls. Ensure IAM practices align with federal security frameworks such as NIST SP 800-53 and institutional policies. Security Risk Management: Conduct IAM-related risk assessments to identify and remediate access control vulnerabilities. Participate in incident response efforts related to identity misuse or authentication failures. Assist in enforcing data access standards for national or federated systems. Stakeholder Support and Training: Collaborate with IT, HR, research, and data management teams to implement IAM workflows that balance usability and security. Provide training and onboarding for end users and staff related to secure access practices and IAM policies. Contribute to IAM documentation and process guides for internal use and compliance. Continuous Improvement: Stay current with trends in IAM technologies, authentication protocols, and cloud-based access solutions. Evaluate and recommend tools to improve IAM scalability, automation, and monitoring capabilities. Asset Management Support: Support the IT asset management program by helping maintain accurate inventory of user-linked hardware and software assets. Assist with processes that connect device identity to user identity, ensuring alignment between account access and physical asset tracking. This responsibility complements identity and access management by reinforcing accountability, lifecycle oversight, and security posture across both digital and physical resources. Minimum Qualifications: Requires a bachelor's degree in area of specialty or equivalency (one year of education can be substituted for two years of related work experience) and 0-2 years of experience in the field or in a related area. Preferences: We will give preference to candidates with the following qualifications: Experience in Identity and Access Management (IAM): Proven track record managing user identities, access rights, and authentication systems in a complex IT environment. Experience working in environments governed by NIST SP 800-53, including designing, implementing, and managing IAM controls in alignment with federal security and compliance requirements. Experience with National or Federated Data Systems: Familiarity with managing access and security for large-scale, multi-institutional data repositories such as NEMSIS or similar national-level projects. Strong Knowledge of IAM Tools and Technologies: Hands-on experience with IAM platforms (e.g., Okta, AWS IAM Identity Center, Entra ID) and protocols (e.g., SAML, OAuth, LDAP, SCIM). Experience implementing and managing Multi-Factor Authentication (MFA): Demonstrated ability to deploy and support MFA solutions to enhance account security. Proficiency in Access Auditing and Compliance Monitoring: Experience conducting access reviews, analyzing logs, and ensuring compliance with standards such as HIPAA. Strong Communication and Collaboration Skills: Ability to work cross-functionally with IT, HR, and security teams, and to provide training and support to end users on IAM policies and tools. Applicants will be screened according to preferences. Type: Benefited Staff Special Instructions Summary: This position may require the successful completion of a criminal background check and/or drug screen. The University of Utah values candidates who have experience working in settings with students and patients from all backgrounds and possess a strong commitment to improving access to higher education and quality healthcare for historically underrepresented students and patients. All qualified individuals are strongly encouraged to apply. Veterans' preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities. The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran's status.